[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenSSL usage?



Thanks

I have created a demoCA and a test server certificate and privatekey using
openssl to create DSA rather then RSA, is that correct.

I saw somewhere that the private key must not be password protected, how is
that done?


----- Original Message -----
From: "Howard Chu" <hyc@highlandsun.com>
To: "Jim Hud" <jdhz@btinternet.com>; <openldap-software@OpenLDAP.org>
Sent: Wednesday, October 11, 2000 11:57 AM
Subject: RE: OpenSSL usage?


> If you intend to use OpenSSL to establish your own Certificate Authority,
> you should start
> by looking at the documentation on www.openssl.org. There are mailing
lists
> for help using the OpenSSL tools referenced on that site.
>
> You will need the certificate from your Certificate Authority as well as
> your own server certificate.
>
> There are a number of relevant config options for setting up the
> certificate. You can see how they work in slapd/config.c.
>
> The bare minimum:
> TLSCertificateFile  /path/to/server/certificate.pem
> TLSCertificateKeyFile /path/to/server/privatekey.pem
> TLSCACertificateFile /path/to/certificateAuthority/certificate.pem
>
> If you want to require clients to supply a client cert, you can add
> TLSVerifyClient 1
>
>
> > -----Original Message-----
> > From: owner-openldap-software@OpenLDAP.org
> > [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Jim Hud
> > Sent: Wednesday, October 11, 2000 5:35 AM
> > To: openldap-software@OpenLDAP.org
> > Subject: OpenSSL usage?
> >
> >
> > I am trying to setup openldap-2.0.6 and OpenSSL-0.9.6
> >
> > Can anyone point me in the right direction, how do I create the server
> > certificate and configure slapd to use it?
> >
> > Any other points, if/when I get it to work I will write a faq on it.
> >
> >
> >
> >
> >
>
>