RE: Authenticated replication with TLS
Read the Admin Guide http://www.openldap.org/doc/admin21/tls.html and
ldap.conf(5). You need to set up a .ldaprc file for slurpd that tells where to
find the cert and private key that slurpd will use. You don't have to tell
SASL anything about this stuff, SASL/EXTERNAL is mostly a no-op as far as the
SASL library goes. It all depends on your .ldaprc file.
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
http://www.symas.com http://highlandsun.com/hyc
Symas: Premier OpenSource Development and Support
> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Jani
> Patokallio
> Sent: Thursday, October 24, 2002 2:05 AM
> To: openldap-software@OpenLDAP.org
> Subject: Authenticated replication with TLS
>
>
> Greetings,
>
> Despite quite a bit of searching on the Web, I've been unable to
> figure out exactly how I'm supposed to do authenticated replication
> through SASL EXTERNAL and TLS. The OpenLDAP part of the server's
> configuration seems clear enough...
>
> replica bindmethod=sasl
> mech=EXTERNAL
> authcid=[myID]
>
> ...but how do I tell SASL where to find the server's key,
> certificates, etc?
> Could somebody with a working setup share their config files?
>
> FWIW, I'm using OpenLDAP 2.1.8 with Cyrus SASL 1.5.4, and have managed to
> get TLS and client-server authentication running quite happily.
>
> Cheers,
> --
> Jani Patokallio >0._, unction of my function. urge. urging of
> my purging.
> jpatokal@iki.fi `..' nip. nip of my snip. now. now. now of
> my enow. NOW.
>
>
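
An added example, not part of the original thread: a sample `.ldaprc` of the kind the reply describes, using the `TLS_CACERT`, `TLS_CERT` and `TLS_KEY` options from ldap.conf(5), plus a check that the referenced files exist and that the private key is readable by its owner only. All file paths are constructed placeholders and the function names are hypothetical.

```shell
# Added example: validate a slurpd .ldaprc for TLS client-certificate use.
# Every path below is a constructed placeholder, not a value from the thread.

# Print the value of option $2 in ldaprc file $1.
ldaprc_get() {
    awk -v opt="$2" 'toupper($1) == opt { print $2; exit }' "$1"
}

# Return 0 if the file's mode grants nothing to group or other.
owner_only() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Check that file $1 names a CA cert, a client cert and a private key that
# exist, and that the key is owner-only. Prints each problem found.
check_ldaprc() {
    rc=0
    for opt in TLS_CACERT TLS_CERT TLS_KEY; do
        val=$(ldaprc_get "$1" "$opt")
        if [ -z "$val" ]; then
            echo "missing $opt"; rc=1
        elif [ ! -f "$val" ]; then
            echo "$opt: no such file: $val"; rc=1
        fi
    done
    key=$(ldaprc_get "$1" TLS_KEY)
    if [ -n "$key" ] && [ -f "$key" ] && ! owner_only "$key"; then
        echo "TLS_KEY: $key is accessible to group/other"; rc=1
    fi
    return $rc
}

# Build a constructed sample layout in a scratch directory and print its path.
make_sample() {
    d=$(mktemp -d)
    : > "$d/ca.pem"; : > "$d/replica-cert.pem"; : > "$d/replica-key.pem"
    chmod 600 "$d/replica-key.pem"
    cat > "$d/.ldaprc" <<EOF
# .ldaprc for the account that runs slurpd (constructed sample)
TLS_CACERT $d/ca.pem
TLS_CERT   $d/replica-cert.pem
TLS_KEY    $d/replica-key.pem
EOF
    echo "$d"
}

d=$(make_sample)
check_ldaprc "$d/.ldaprc" && echo "ldaprc OK"
```

`TLS_CERT` and `TLS_KEY` are user-only options in ldap.conf(5), which is why they belong in `.ldaprc` rather than in the system-wide `ldap.conf`.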