[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: CRL Certificate



Quoting Howard Chu <hyc@symas.com>:

> Turbo Fredriksson wrote:
>> I've been playing with OpenSwan the last week and learned how
>> to revoke certificates in the process. Usage of the CRL cert...
>> In my slapd.conf's I have:
>> TLSCACertificateFile    /etc/ldap/cacert.pem
>> TLSCertificateFile      /etc/ldap/ldapsrv?_domain_tld.pub
>> TLSCertificateKeyFile   /etc/ldap/ldapsrv?_domain_tld.prv
>> TLSVerifyClient         try
>> Where would the CRL cert fit in this? From what I can tell
>> of the man page, nowhere.
>
> Read the slapd.conf(5) manpage again, look for the TLSCRLCheck keyword.

Doesn't exist in man manual. When did that come? I'm running OpenLDAP
v2.2.28.