[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: CRL Certificate

To: Turbo Fredriksson <turbo@bayour.com>
Subject: Re: CRL Certificate
From: Howard Chu <hyc@symas.com>
Date: Tue, 07 Nov 2006 14:16:52 -0800
Cc: openldap-software@openldap.org
In-reply-to: <87zmb3ymcs.fsf@pumba.bayour.com>
References: <87u01bbv0k.fsf@pumba.bayour.com> <4550CF14.9000603@symas.com> <87zmb3ymcs.fsf@pumba.bayour.com>
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a1) Gecko/20061029 Netscape/7.2 (ax) Firefox/1.5 SeaMonkey/1.5a

Turbo Fredriksson wrote:

Quoting Howard Chu <hyc@symas.com>:

Turbo Fredriksson wrote:

I've been playing with OpenSwan the last week and learned how
to revoke certificates in the process. Usage of the CRL cert...
In my slapd.conf's I have:
TLSCACertificateFile    /etc/ldap/cacert.pem
TLSCertificateFile      /etc/ldap/ldapsrv?_domain_tld.pub
TLSCertificateKeyFile   /etc/ldap/ldapsrv?_domain_tld.prv
TLSVerifyClient         try
Where would the CRL cert fit in this? From what I can tell
of the man page, nowhere.

Read the slapd.conf(5) manpage again, look for the TLSCRLCheck keyword.


Doesn't exist in man manual. When did that come? I'm running OpenLDAP
v2.2.28.

It went into HEAD sometime in 2004. It was released in 2.3, so first public availability would have been around March 2005. You probably ought to subscribe to the OpenLDAP-announce mailing list, if you're not even aware of what versions are out.

--
  -- Howard Chu
  Chief Architect, Symas Corp.  http://www.symas.com
  Director, Highland Sun        http://highlandsun.com/hyc
  OpenLDAP Core Team            http://www.openldap.org/project/

Follow-Ups:
- Re: CRL Certificate
  - From: Turbo Fredriksson <turbo@bayour.com>

References:
- CRL Certificate
  - From: Turbo Fredriksson <turbo@bayour.com>
- Re: CRL Certificate
  - From: Howard Chu <hyc@symas.com>
- Re: CRL Certificate
  - From: Turbo Fredriksson <turbo@bayour.com>

Prev by Date: Re: CRL Certificate
Next by Date: Re: localized group names?
Index(es):
- Chronological
- Thread