[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: CRL Certificate
Quoting Howard Chu <hyc@symas.com>:
> Turbo Fredriksson wrote:
>> I've been playing with OpenSwan the last week and learned how
>> to revoke certificates in the process. Usage of the CRL cert...
>> In my slapd.conf's I have:
>> TLSCACertificateFile /etc/ldap/cacert.pem
>> TLSCertificateFile /etc/ldap/ldapsrv?_domain_tld.pub
>> TLSCertificateKeyFile /etc/ldap/ldapsrv?_domain_tld.prv
>> TLSVerifyClient try
>> Where would the CRL cert fit in this? From what I can tell
>> of the man page, nowhere.
>
> Read the slapd.conf(5) manpage again, look for the TLSCRLCheck keyword.
Doesn't exist in man manual. When did that come? I'm running OpenLDAP
v2.2.28.