(Answer) (Category) OpenLDAP Faq-O-Matic : (Category) Trash : (Answer) How to import X.509 certificates from OpenLDAP?
This answer refers to what seems to be a bug in Netscape 4.x when importing X.509 certificates from OpenLDAP. What happens is that when one tries to get a client certificate from OpenLDAP with Netscape 4.x (Security->Certificates->People->Search Directory) a message appears from Netscape saying something like: "certificate found for the following email user: <email address follows>". Sometimes the certificate is not really imported in Netscape, despite the previous message says the certificate has been successfully imported. This happens when the certificate has been generated without an e-mail address into the subject DN field. Netscape should prompt an error message in this case, but it does not.
 So, it seems that Netscape acts like this when he has to import certificates
 from Directory:
 
 1) Search Directory for entries with "mail" attribute matching subject
 e-mail
 
 2) Get certificate from directory (if any)
 
 3) Really import certificate if and only if  there is a matching e-mail
 attribute in the subject's certificate

lmodeo@hotmail.com
[Append to This Answer]
Previous: (Answer) How to make OpenLDAP accessible from Netscape?
Next: (Answer) How do I Integrate OpenLDAP with Netscape Enterprise Server?
This document is: http://www.openldap.org/faq/index.cgi?file=439
[Search] [Appearance]
This is a Faq-O-Matic 2.719.
© Copyright 2004, OpenLDAP Foundation, info@OpenLDAP.org