[Date Prev][Date Next] [Chronological] [Thread] [Top]

CRL verification in slapd

To: openldap-devel@OpenLDAP.org
Subject: CRL verification in slapd
From: Ralf Haferkamp <rhafer@suse.de>
Date: Tue, 26 Oct 2004 14:53:23 +0200
Content-disposition: inline
User-agent: KMail/1.7.1

Hi,

As openssl-0.9.7* has some CRL checking capabilities, I am currently working 
on implementing CRL checking in slapd. Therefor I plan to add the following 
directives to ldap.conf and slapd.conf:

ldap.conf:
TLS_CRL_CHECK

slapd.conf:
TLSCRLCheck

The possible values of these would be: (reflecting the possibilities, that 
openssl-0.9.7d currently has)

"no"	do not perform any CRL checks (this would be the default)
"yes"   perform CRL checks
"all"   perform CRL checks for a for whole chain

Any comments or suggestings regarding this?

-- 
regards,
	Ralf Haferkamp
SUSE LINUX AG, Maxfeldstrasse 5, D-90409 Nuernberg
T: +49-911-74053-0
F: +49-911-74053575 - Ralf.Haferkamp@suse.com

Follow-Ups:
- Re: CRL verification in slapd
  - From: Howard Chu <hyc@symas.com>
- Re: CRL verification in slapd
  - From: Michael Ströder <michael@stroeder.com>

Prev by Date: LDAP Audit Logging
Next by Date: Re: CRL verification in slapd
Index(es):
- Chronological
- Thread