[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: openldap-2.0/TLS certificate error

To: "Cheng, Ted C" <Ted.Cheng@ca.com>
Subject: RE: openldap-2.0/TLS certificate error
From: Mark Valence <kurash@sassafras.com>
Date: Tue, 13 Jun 2000 15:46:51 -0400
Cc: openldap-devel@OpenLDAP.org
In-reply-to: <C58849E5BCF6D311B07E009027863A9001A92CCE@usilms08.cai.com>
References: <C58849E5BCF6D311B07E009027863A9001A92CCE@usilms08.cai.com>

I'm a bit shaky on the client side, maybe someone else has a more definitive answer.

How about on the client side? That is, how does
a client present certificate to slapd when requested?

You need to set TLS_KEY in your ldap.conf file to the path to your private key file, and TLS_CERT as well. In any case, this option is not fully implemented, since the server does not use the identity from the certificate.

and, how does a client verify server certificate
when presented?

That's not implemented yet. When it is, you'll need to have TLS_CACERT and TLS_CERT entries in ldap.conf.

Mark.

Follow-Ups:
- RE: openldap-2.0/TLS certificate error
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- Re: openldap-2.0/TLS certificate error
  - From: Scott Kelley <scottk@mp3.com>

References:
- RE: openldap-2.0/TLS certificate error
  - From: "Cheng, Ted C" <Ted.Cheng@ca.com>

Prev by Date: RE: openldap-2.0/TLS certificate error
Next by Date: RE: openldap-2.0/TLS certificate error
Index(es):
- Chronological
- Thread