[Date Prev][Date Next] [Chronological] [Thread] [Top]

userCertificate needs binary format



Title: userCertificate needs binary format

I'm trying to do this with OpenLDAP 2.0.23 on RH7.0 linux (not from an RPM, I compiled it):

ldapmodify -D "cn=Manager,dc=f5,dc=com" -W -x -f mod.ldif
ldap_modify: Object class violation
        additional info:  attribute 'userCertificate;binary' not allowed
ldif_record() = 65

Here is the contents of mod.ldif:
dn: uid=dude,ou=People,dc=f5,dc=com
changetype: modify
add: userCertificate;binary
userCertificate;binary:< file:///tmp/cert.der


This is the example given on the mailing list multiple times, and I can't figure out why it won't work.

If I remove the ';binary' from the last line, then I get:
ldap_modify: Undefined attribute type
        additional info: userCertificate: requires binary transfer
ldif_record() = 17
 

I don't want to have to base64 encode all my files and put them inline in the userCertificate:: address, and I really do want to just add then userCertificate entry to the already existing user.

What am I doing wrong?