[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Client says Can't contact LDAP server, but it can!
Quanah Gibson-Mount wrote:
--On Monday, July 28, 2008 12:44 PM -0700 John Oliver
<joliver@john-oliver.net> wrote:
I do appreciate all of the help, and apologize if I seem dense. I know
You continue to do things incorrectly, and be unhappy when they don't
work because of it. Again, to set up your LDAP servers *correctly* with
At some point I created a small script to generate self signed
certificates. Mostly for Apache2's sake. But of course this works for
anything needing a certificate. Apache's site has very useful
documentation: http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#ownca
#!/bin/sh
#
# JvA
# Generate self sgined certificate
# And remove the passphrase (so services will start without prompting
for a password)
#
# Takes one argument, the name of the key
# check if any argument has been given, if not exit
if test -z "$1"
then
echo 'Please give the name of the key, exiting...'
exit
fi
echo "Generating key..."
openssl genrsa -des3 -out $1.key 1024
echo ""
echo "Generating self signed certificate..."
openssl req -new -x509 -nodes -sha1 -days 999 -key $1.key -out $1.crt
# Remove passphrase
echo ""
echo "Removing passphrase..."
openssl rsa -in $1.key -out $1.key
# Display results
echo ""
echo "Displaying details..."
openssl x509 -noout -text -in $1.crt
echo "Check the file permissions and make sure "$1".key is only readable
by root and if necessary the system account using it."
chmod a-r,u+r $1.key
ls -l $1.key
ls -l $1.crt