[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SSL/TLS server certificate

To: openldap-software@OpenLDAP.org
Subject: Re: SSL/TLS server certificate
From: Dieter Kluenter <dieter@dkluenter.de>
Date: Mon, 03 May 2004 16:31:38 +0200
In-reply-to: <200405031047.i43AlU4w024120@relay1.fe.up.pt> (Jorge Ruão's message of "Mon, 3 May 2004 11:46:51 +0100")
References: <200405031047.i43AlU4w024120@relay1.fe.up.pt>
User-agent: Gnus/5.1001 (Gnus v5.10.1) XEmacs/21.4 (Portable Code, linux)

Jorge Ruão <jruao@fe.up.pt> writes:

> Thanks,
>
> It worked fine when I set the TLS_CACERT and CACERTDIR.
>
> I've when question more.
> If I want to use two OpenLDAP Servers, I must place the both CA certificates
> to access each one on the client. But I can only specify one CA certificate
> file in ldap.conf. Is it the solution to store both CA certificates in the
> same file or is there a way around to use two CA certificates files without
> having to change all the time the ldap.conf file each time I want to access
> a different server?

You should create a network wide CA certificate and distribute it to
all your servers and hosts. 

-Dieter

-- 
Dieter Kluenter  | Systemberatung
Tel:040.64861967 | Fax: 040.64891521
mailto: dkluenter(at)dkluenter.de
http://www.avci.de

References:
- RE: SSL/TLS server certificate
  - From: Jorge Ruão <jruao@fe.up.pt>

Prev by Date: RE: slow search on indexed attribute
Next by Date: referral and ldapsearch
Index(es):
- Chronological
- Thread