[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
CRL Certificate
- To: openldap-software@openldap.org
- Subject: CRL Certificate
- From: Turbo Fredriksson <turbo@bayour.com>
- Date: Tue, 07 Nov 2006 08:01:15 +0100
- Organization: LDAP/Kerberos expert wannabe
- User-agent: Gnus/5.1006 (Gnus v5.10.6) Emacs/20.7 (gnu/linux)
I've been playing with OpenSwan the last week and learned how
to revoke certificates in the process. Usage of the CRL cert...
In my slapd.conf's I have:
TLSCACertificateFile /etc/ldap/cacert.pem
TLSCertificateFile /etc/ldap/ldapsrv?_domain_tld.pub
TLSCertificateKeyFile /etc/ldap/ldapsrv?_domain_tld.prv
TLSVerifyClient try
Where would the CRL cert fit in this? From what I can tell
of the man page, nowhere.
I have authentication with X.509 certificates enabled
(not that anyone's using that at the moment, but...) so
I would like the chance of making sure to reject revoked
certificates...