[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: CRL Certificate

To: openldap-software@openldap.org
Subject: Re: CRL Certificate
From: Turbo Fredriksson <turbo@bayour.com>
Date: Tue, 07 Nov 2006 22:32:03 +0100
In-reply-to: <4550CF14.9000603@symas.com> (Howard Chu's message of "Tue, 07 Nov 2006 10:23:16 -0800")
Organization: LDAP/Kerberos expert wannabe
References: <87u01bbv0k.fsf@pumba.bayour.com> <4550CF14.9000603@symas.com>
User-agent: Gnus/5.1006 (Gnus v5.10.6) Emacs/20.7 (gnu/linux)

Quoting Howard Chu <hyc@symas.com>:

> Turbo Fredriksson wrote:
>> I've been playing with OpenSwan the last week and learned how
>> to revoke certificates in the process. Usage of the CRL cert...
>> In my slapd.conf's I have:
>> TLSCACertificateFile    /etc/ldap/cacert.pem
>> TLSCertificateFile      /etc/ldap/ldapsrv?_domain_tld.pub
>> TLSCertificateKeyFile   /etc/ldap/ldapsrv?_domain_tld.prv
>> TLSVerifyClient         try
>> Where would the CRL cert fit in this? From what I can tell
>> of the man page, nowhere.
>
> Read the slapd.conf(5) manpage again, look for the TLSCRLCheck keyword.

Doesn't exist in man manual. When did that come? I'm running OpenLDAP
v2.2.28.

Follow-Ups:
- Re: CRL Certificate
  - From: Quanah Gibson-Mount <quanah@stanford.edu>
- Re: CRL Certificate
  - From: Howard Chu <hyc@symas.com>

References:
- CRL Certificate
  - From: Turbo Fredriksson <turbo@bayour.com>
- Re: CRL Certificate
  - From: Howard Chu <hyc@symas.com>

Prev by Date: Re: Speed of slapadd for BDB on a Linux machine
Next by Date: Re: CRL Certificate
Index(es):
- Chronological
- Thread