[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: TLS Certificate Generation section and Troubleshooting Checklist
<quote who="Howard Chu">
> Quanah Gibson-Mount wrote:
>> ----- "Gavin Henry" <ghenry@suretecsystems.com> wrote:
>>> Dear All,
>>>
>>> Should we merge the TLS cert generation seciton of the FAQ into
>>> TLS.sdf?
>>
>>
>> Sounds good to me.
>
> That really falls outside the purpose of the OpenLDAP Admin Guide, i.e., a
> guide to administering *OpenLDAP* software. We can reference the FAQ
> article,
> or a separately packaged HOWTO document, but IMO it does not belong in the
> Guide itself. Just as we talk about how Kerberos or SASL may be used, but
> don't
> discuss how to initialize and populate a KDC or SASL authentication DB.
This is why I asked, as I had a feeling it shouldn't, but it comes up so
many times. A link to the FAQ entry will be fine.
>
> At some point we'll have our own certificate-generating overlay, in which
> case
> it will be an actual piece of OpenLDAP software, and then it will be a
> legitimate topic for the Guide. I.e., I do feel that the lack of integral
> X.509
> support is something we need to address, and that the overall topic
> properly
> belongs under the OpenLDAP umbrella since it is a core element of the
> X.500
> spec. We just aren't there yet.
Would be very cool.
> --
> -- Howard Chu
> Chief Architect, Symas Corp. http://www.symas.com
> Director, Highland Sun http://highlandsun.com/hyc/
> Chief Architect, OpenLDAP http://www.openldap.org/project/
>