[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Certificate in openldap

To: Richard Levitte - VMS Whacker <levitte@stacken.kth.se>
Subject: Re: Certificate in openldap
From: Tony Earnshaw <tonni@billy.demon.nl>
Date: 20 Jan 2003 16:54:06 +0100
Cc: G.De_Leeuw@eurofer.be, openldap-software@OpenLDAP.org
In-reply-to: <20030120.141242.108781041.levitte@stacken.kth.se>
Organization:
References: <001301c2c080$fc22a130$a503a8c0@PCGDL> <20030120.141242.108781041.levitte@stacken.kth.se>

man, 2003-01-20 kl. 14:12 skrev Richard Levitte - VMS Whacker:
> In message <001301c2c080$fc22a130$a503a8c0@PCGDL> on Mon, 20 Jan 2003
> 13:39:33 +0100, "De Leeuw Guy" <G.De_Leeuw@eurofer.be> said:
> 
> G.De_Leeuw> What is the recommended format of a certificate to add
> this cert in ldap ?
> G.De_Leeuw> Pem, der, crt ???
> 
> The attribute userCertificate;binary should take a certificate in raw
> DER.

Possibly. But that will break an awful lot of servers, such as Openldap,
and clients that can only work with .pem BER encoding. OTOH, FreeS/WAN
IPSEC insists on hashes, together with their .der cert. Not exactly easy
for the beginner.

> What, exactly, is the format "crt"?

Microsoft "embrace and extend." Only one step worse, is Lucent's Brick 5
stuff which needs 2 certs where others use one.

Best,

Tony

-- 

Tony Earnshaw

When all's said and done ...
there's nothing left to say or do.

e-post:		tonni@billy.demon.nl
www:		http://www.billy.demon.nl

Follow-Ups:
- Re: Certificate in openldap
  - From: Richard Levitte - VMS Whacker <levitte@stacken.kth.se>

References:
- Certificate in openldap
  - From: "De Leeuw Guy" <G.De_Leeuw@eurofer.be>
- Re: Certificate in openldap
  - From: Richard Levitte - VMS Whacker <levitte@stacken.kth.se>

Prev by Date: Re: Need some help with this authentication problem
Next by Date: Re: md5 crypt hashed passwords on linux openldap server
Index(es):
- Chronological
- Thread