[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Netscape communicator can't find cert for a given email address
At 03:15 PM 9/19/00 -0700, John Zhou wrote:
>Netscape Communicator does not load base64-encoded certs. See the
>mailing-list archive for recent discussions about this topic and the
>differences when using OpenLDAP 1.2.x or 2.0.x.
>
>> I converted the format to binary and send them back to LDAP again
>
>You're on the right track. See the archive.
>
>**********************************************************************
>I still cannot figure it out. I added the certs to LDAP server based on
>following code:
>
> LDAPMod **mods;
>
> mods[1]->mod_op = LDAP_MOD_BVALUES;
> mods[1]->mod_type = "userCertificate";
> cert_berval.bv_len = cert_len; /*the length of the cert*/
> cert_berval.bv_val = cert; /*the binary certificate*/
> cert_values[0] = &cert_berval;
> cert_values[1] = NULL;
> mods[1]->mod_bvalues = cert_values;
> ldap_add( ld, dn, mods );
>After running the code, I can see the entry in Netscape address book.
>But when I try to retrieve the certs through Netscape Communicator security
>dialog, the result is that cannot find the certificate for the given email
>address.
>
>I found some message in the mailing_list archive. Someone said it's probably
>necessary to add the binary option to the userCertificate attribute. I am
>not sure which file I need to modify in LDAP server.
Likely none... you likely need to modify your code to transfer
the attribute using the ;binary attribute description option.
That is, change "userCertificate" to "userCertificate;binary".
Kurt