[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: TLS/SSL problem - unsupported certificate
Antonio Camacho wrote, on 10. apr 2007 17:20:
[...]
My slapd.conf configuration:
#
TLSCipherSuite HIGH:MEDIUM:+SSLv2:RSA
TLSCertificateFile /etc/openldap/cacerts/master.pem
TLSCertificateKeyFile /etc/openldap/cacerts/master- key.pem
TLSCACertificateFile /etc/openldap/cacerts/cacert.pem
Don't use this:
TLSVerifyClient demand
#
My ldap.conf configuration:
#
Base=mydomain
SIZELIMIT 0
TIMELIMIT 0
TLS_CACERT /etc/openldap/cacerts/cacert.pem
Don't use these:
TLS_CERT /etc/openldap/cacerts/master.pem
TLS_KEY /etc/openldap/cacerts/master-key.pem
TLS_REQCERT demand
My .ldaprc configuration:
~/.ldaprc is redundant; scrap it.
#
TLS_CACERT /etc/openldap/cacerts/cacert.pem
TLS_CERT /etc/openldap/cacerts/master.pem
TLS_KEY /etc/openldap/cacerts/master-key.pem
TLS_REQCERT demand
For the rest things look ok.
--Tonni
--
Tony Earnshaw
Email: tonni at hetnet dot nl