Re: Store X.509 using OpenLDAP?
The sample LDIF I provided demonstrated how to add
a userCertificate attribute to an existing entry. Such
LDIF can be fed into ldapmodify(1).
At 02:09 PM 4/24/01, Monce Picard wrote:
>----- Original Message -----
>From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
>> At 06:00 PM 4/15/01 +0700, Monce Picard wrote:
>> >What should I do when I want to store digital certificates
>> >(X.509) using OpenLDAP?
>> You add userCertificate attributes to your objects.
>> Values of userCertificate values need to be transferred
>> using the ;binary (BER) encoding option. E.g.:
>>
>> dn: cn=foo
>> changetype: modify
>> add: userCertificate;binary
>> userCertificate;binary:: base64-BER-encoded-X509-certificate
>******
> This is what I have tried:
>
> I have a file named "example.ldif":
> dn: cn=Digital Certificates, dc=example, dc=com
> changetype: modify
> add: userCertificate;binary
> userCertificate;binary::
>MIIDlzCCAn+gAwIBAgIRAMKrpwMAABjYAAAABQAAAAgwDQYJKoZIhvcNAQEFBQAw
> ...certificates encoded...
> 4sBxFfwLdT139cM=
>
> I use: ldapadd -x -D "cn=Digital Certificates, dc=example,
>dc=com" -W -f example.ldif
> then gives result:
>
> ldapadd: unknown changetype "modify" (line 2 of entry "cn=Digital
>Certificates, dc=example,
> dc=com")
>
> ldif_record() = 89
>
> and this is my "slapd.conf":
>
> # $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.8.8.4 2000/08/26
>17:06:18 kurt Exp $
> include /usr/local/etc/openldap/schema/core.schema
> pidfile /usr/local/var/slapd.pid
> argsfile /usr/local/var/slapd.args
> database ldbm
> suffix "dc=example, dc=com"
> rootdn "cn=Digital Certificates, dc=example, dc=com"
> rootpw secret
> directory /usr/local/var/openldap-ldbm
> index objectClass eq
>
> Do I miss something? Thanks in advance.
>
> Regards,
>
>
>
> Permono, R.
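
The change record discussed in this thread, built from a PEM certificate, as an added example that is not part of the original messages. The function names, the 76-column fold width and the sample bytes are assumptions made for illustration; the sample is a constructed placeholder, not a real certificate. The output is a `changetype: modify` record of the kind the reply says to feed to ldapmodify(1).

```python
import base64
import re

WIDTH = 76  # fold column chosen for this example

def pem_to_der(pem: str) -> bytes:
    """Return the DER (BER) bytes inside one PEM CERTIFICATE block."""
    m = re.search(r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", pem, re.S)
    if not m:
        raise ValueError("no PEM CERTIFICATE block found")
    der = base64.b64decode("".join(m.group(1).split()), validate=True)
    if der[:1] != b"\x30":  # a certificate is an ASN.1 SEQUENCE
        raise ValueError("payload is not a DER SEQUENCE")
    return der

def fold(line: str) -> str:
    """Fold a logical LDIF line; continuation lines start with ONE space."""
    out, rest = [line[:WIDTH]], line[WIDTH:]
    while rest:
        out.append(" " + rest[:WIDTH - 1])
        rest = rest[WIDTH - 1:]
    return "\n".join(out)

def cert_modify_ldif(dn: str, der: bytes) -> str:
    """Build a modify record for an existing entry (assumes an ASCII-safe dn)."""
    value = base64.b64encode(der).decode("ascii")
    return "\n".join([
        f"dn: {dn}",
        "changetype: modify",
        "add: userCertificate;binary",
        fold(f"userCertificate;binary:: {value}"),  # '::' marks a base64 value
        "-",
    ]) + "\n"

def cert_from_ldif(ldif: str) -> bytes:
    """Unfold the record and decode the certificate value back to DER."""
    for line in ldif.replace("\n ", "").splitlines():
        if line.startswith("userCertificate;binary:: "):
            return base64.b64decode(line.split(":: ", 1)[1], validate=True)
    raise ValueError("no userCertificate;binary value found")

# Constructed placeholder bytes shaped like DER, NOT a real certificate.
SAMPLE_DER = b"\x30\x82\x01\x00" + bytes(range(256))
SAMPLE_PEM = ("-----BEGIN CERTIFICATE-----\n"
              + base64.encodebytes(SAMPLE_DER).decode("ascii")
              + "-----END CERTIFICATE-----\n")

if __name__ == "__main__":
    print(cert_modify_ldif("cn=foo", pem_to_der(SAMPLE_PEM)))
```

Every continuation line of the base64 value begins with a single space, so an LDIF reader joins it back onto the `userCertificate;binary::` line.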