[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: SSL Cert Question

To: <openldap-software@OpenLDAP.org>
Subject: RE: SSL Cert Question
From: "Jeff Saxton" <jsaxton@addamark.com>
Date: Mon, 2 Aug 2004 08:28:31 -0700
Importance: Normal
In-reply-to: <21896305784EA1BB06EE260B@cadabra-dsl.stanford.edu>

Yeah.
I found the TLS_CACERT and TLS_CACERTDIR stuff on the train home
tonight, so I guess one
Approach is to create my own CA and distribute the CA cert manually, not
a hugh deal since
I have < 100 servers.  This may be OT but does anyone know if the NSS
stuff has a similar option,
And also, will $ldap = Net::LDAP->bind() respect this?

Other that that I guess I'll buy from a root CA like Verisign or
whoever.

Thanks for your help :)

--On Friday, July 30, 2004 4:13 PM -0700 Jeff Saxton
<jsaxton@addamark.com> 
wrote:

>
> Is there any way to specify an SSL Certificate Chain file for slapd? 
> We would likee to avoid the additional cost of purchasing from a root 
> CA We would also like to avoid setting up our own CA if possible.

man slapd.conf
man ldap.conf

You will need a CA of some sort.

--Quanah

--
Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

Prev by Date: API use in Shared objects?
Next by Date: Kerberos
Index(es):
- Chronological
- Thread