[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: SSL Cert Question



Yeah.
I found the TLS_CACERT and TLS_CACERTDIR stuff on the train home
tonight, so I guess one
Approach is to create my own CA and distribute the CA cert manually, not
a hugh deal since
I have < 100 servers.  This may be OT but does anyone know if the NSS
stuff has a similar option,
And also, will $ldap = Net::LDAP->bind() respect this?

Other that that I guess I'll buy from a root CA like Verisign or
whoever.

Thanks for your help :)

--On Friday, July 30, 2004 4:13 PM -0700 Jeff Saxton
<jsaxton@addamark.com> 
wrote:

>
> Is there any way to specify an SSL Certificate Chain file for slapd? 
> We would likee to avoid the additional cost of purchasing from a root 
> CA We would also like to avoid setting up our own CA if possible.

man slapd.conf
man ldap.conf

You will need a CA of some sort.

--Quanah

--
Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html