[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS errors out



Hi,

On Friday 25 October 2002 12:04, Bill Dossett wrote:
> You seem to be recommending that I pay for a cert?  I was hoping
> to create my own.  Again, sorry if I'm misunderstanding, but I'm
> not that keen on spending money on certs.

You do not need to pay for a cert.
All you need to do is to create a self signed CA cert
(if you do not already have a CA in your company),
then create a cert req for the OpenLDAP server
and sign it using the CA cert to create the server cert.

This way you can 
* have different server / client keys signed by the same CA
* replace the server cert without destroying the whole trust scenario
* ....

Yours
Peter
-- 
Peter Marschall     |   eMail: peter.marschall@mayn.de
Scheffelstraße 15   |          peter.marschall@is-energy.de
97072 Würzburg      |   Tel:   0931/14721
PGP:  D7 FF 20 FE E6 6B 31 74  D1 10 88 E0 3C FE 28 35