
Re: OpenLDAP + TLS



Anderson Alves de Albuquerque wrote:



My server and client are on the one computer.

I put in my config server (slapd.conf):
------------------- slapd.conf ---------------------
TLSCipherSuite HIGH:MEDIUM:+SSLv2:+SSLv3:RSA:+TLSv1
TLSCACertificateFile /usr/local/openldap-data/cacert.pem
TLSCertificateFile /usr/local/openldap-data/servercrt.pem
TLSCertificateKeyFile /usr/local/openldap-data/serverkey.pem
TLSVerifyClient demand
TLSCACertificatePath /usr/local/openldap-data/
--------------------------------------------------


In my client:
-------------- ldap.conf ----------------------------
TLS_CACERT /etc/ldap/cacert.pem
TLS_CACERTDIR /etc/ldap/
TLS_CERT /usr/local/openldap-data/servercrt.pem
TLS_KEY /usr/local/openldap-data/serverkey.pem
TLS_REQCERT demand
------------------------------------------------------





See how you go with "TLSVerifyClient try" and "TLS_REQCERT try"

Regards,


Warren Howard www.nature-soft.com
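
What retrying with "try" can tell you, as an added example that is not part of the original thread and is not OpenLDAP code: a small model of the verification levels documented in slapd.conf(5) and ldap.conf(5), used to infer what the peer presented from which levels fail. The function names are hypothetical, and the model assumes the failure comes from certificate verification rather than from ciphers or unreadable key files.

```python
import re

# Handshake outcome per verification level, from slapd.conf(5) (TLSVerifyClient)
# and ldap.conf(5) (TLS_REQCERT): level -> (proceeds with no peer certificate,
# proceeds with a bad peer certificate).
LEVELS = {
    "never":  (True, True),    # peer certificate is not requested
    "allow":  (True, True),    # requested; a missing or bad one is ignored
    "try":    (True, False),   # missing is tolerated, bad terminates
    "demand": (False, False),  # missing or bad terminates
}
ALIASES = {"hard": "demand", "true": "demand"}  # "true" is accepted by slapd only

# Verification directives copied from the two snippets quoted in the thread.
SLAPD_CONF = "TLSVerifyClient demand\n"
LDAP_CONF = "TLS_REQCERT demand\n"

def directive(text, name, default):
    """Return the normalised level set by the last `name` line in a config."""
    value = default
    for line in text.splitlines():
        m = re.match(r"\s*%s\s+(\S+)" % re.escape(name), line, re.IGNORECASE)
        if m:
            value = m.group(1).lower()
    value = ALIASES.get(value, value)
    if value not in LEVELS:
        raise ValueError("unknown level %r for %s" % (value, name))
    return value

def session_proceeds(level, peer_cert):
    """peer_cert: 'none', 'bad' or 'good', i.e. what the other side presented."""
    if peer_cert == "good":
        return True
    no_cert_ok, bad_cert_ok = LEVELS[level]
    return no_cert_ok if peer_cert == "none" else bad_cert_ok

def consistent_states(observations):
    """Map {level: session proceeded?} to the peer-certificate states that fit."""
    return [s for s in ("none", "bad", "good")
            if all(session_proceeds(lv, s) == ok for lv, ok in observations.items())]

if __name__ == "__main__":
    server = directive(SLAPD_CONF, "TLSVerifyClient", "never")
    print("server level:", server)
    # Fails at 'demand', works at 'try': the client sent no certificate.
    print(consistent_states({server: False, "try": True}))
    # Fails at both: a certificate was sent but did not verify.
    print(consistent_states({server: False, "try": False}))
```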