Setting certificate file for client
I'm having some trouble using LDAP over TLS/SSL. I'm using
openldap-2.0.23.
The problem is that I can authenticate the server from the clients but
not vice versa. I would like to authenticate the clients, so I put:
TLSVerifyClient 1
(tried using hard, or demand, instead of 1, but this is the only way it
worked). This way I can authenticate only if I have something like:
TLS_CACERT /etc/ssl/certs/cacert.pem
TLS_CERT /etc/ssl/certs/newcert.pem
TLS_KEY /etc/ssl/certs/newkey.pem
in .ldaprc, sending the client certificate. The problem seems to be that there
is no way to set things system-wide and then I cannot authenticate when
using libnss-ldap.
Is there any way I can set a client certificate for system-wide use? I
tried to put the same lines inside ldap.conf, but with no results.
Thanks anyway
Simone