[Date Prev][Date Next] [Chronological] [Thread] [Top]

slapd working on localhost and *real* interface: What about certificates ?



Hi everybody,

i'm trying to find out how to manage with certificates
if slapd is running on localhost AND a real IP
(example 192.168.1.1: server.somewhere.net)

The commandline for slapd would be :

slapd -d 0 -u ldap "-h ldap://server.somewhere.net:389/
ldap://localhost:389";


So, if i want to use TLS i have to have a certificate.

Easy to configure for server.somewhere.net,
would be something like that :

TLSCACertificateFile  /etc/ldapcert/ldapCA.pem
TLSCertificateFile    /etc/ldapcert/server.somewhere.net.crt.pem
TLSCertificateKeyFile /etc/ldapcert/server.somewhere.net.key.pem


How do i get the certificates configured for localhost too ?
Is it possible to configure it this way ? :

TLSCACertificateFile  /etc/ldapcert/ldapCA.pem
TLSCertificateFile    /etc/ldapcert/server.somewhere.net.crt.pem
TLSCertificateKeyFile /etc/ldapcert/server.somewhere.net.key.pem
TLSCertificateFile    /etc/ldapcert/localhost.crt.pem
TLSCertificateKeyFile /etc/ldapcert/localhost.key.pem


Thanks in advance,

Harry