
Re: Client says Can't contact LDAP server, but it can!



Quanah Gibson-Mount wrote:
--On Monday, July 28, 2008 12:44 PM -0700 John Oliver <joliver@john-oliver.net> wrote:


I do appreciate all of the help, and apologize if I seem dense. I know

You continue to do things incorrectly, and be unhappy when they don't work because of it. Again, to set up your LDAP servers *correctly* with

At some point I created a small script to generate self signed certificates. Mostly for Apache2's sake. But of course this works for anything needing a certificate. Apache's site has very useful documentation: http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#ownca


#!/bin/sh
#
# JvA
# Generate self-signed certificate
# And remove the passphrase (so services will start without prompting for a password)
#
# Takes one argument, the name of the key


# check if any argument has been given, if not exit with an error status
if test -z "$1"
then
    echo 'Please give the name of the key, exiting...'
    exit 1
fi

echo "Generating key..."
# 2048-bit RSA: 1024-bit keys are no longer considered adequate
openssl genrsa -des3 -out "$1.key" 2048
echo ""
echo "Generating self signed certificate..."
# SHA-256 signature: SHA-1 is deprecated for certificate signatures
openssl req -new -x509 -nodes -sha256 -days 999 -key "$1.key" -out "$1.crt"

# Remove passphrase (rewrites the key file in place, unencrypted)
echo ""
echo "Removing passphrase..."
openssl rsa -in "$1.key" -out "$1.key"

# Display results
echo ""
echo "Displaying details..."
openssl x509 -noout -text -in "$1.crt"

echo "Check the file permissions and make sure $1.key is only readable by root and if necessary the system account using it."
# Drop read access for everyone, then give it back to the owner only
chmod a-r,u+r "$1.key"
ls -l "$1.key"
ls -l "$1.crt"
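
As an added example (not part of the original post), the following function checks the two files the script above writes: the key loads without a passphrase, the certificate carries that key's public half, the certificate is inside its validity period, and the key is closed to group and other. The name `check_pair` and the file name in the last comment are hypothetical.

```sh
#!/bin/sh
# Added example, not from the original post. check_pair is a hypothetical
# helper name. It inspects NAME.key and NAME.crt and returns the number of
# failed checks (0 means everything passed).
check_pair() {
    key="$1.key"; crt="$1.crt"; fails=0

    # 1. The key must load with an empty passphrase, i.e. it is unencrypted
    #    and a service can start without prompting.
    if ! openssl rsa -in "$key" -passin pass: -noout >/dev/null 2>&1; then
        echo "FAIL: $key is missing, invalid or still passphrase-protected"
        fails=$((fails + 1))
    fi

    # 2. The public key in the certificate must be the one derived from the key.
    kpub=$(openssl rsa -in "$key" -passin pass: -pubout 2>/dev/null) || kpub=""
    cpub=$(openssl x509 -in "$crt" -noout -pubkey 2>/dev/null) || cpub=""
    if [ -z "$kpub" ] || [ "$kpub" != "$cpub" ]; then
        echo "FAIL: $crt does not carry the public key of $key"
        fails=$((fails + 1))
    fi

    # 3. The certificate must still be inside its validity period.
    if ! openssl x509 -in "$crt" -noout -checkend 0 >/dev/null 2>&1; then
        echo "FAIL: $crt is missing or expired"
        fails=$((fails + 1))
    fi

    # 4. Group and other must have no access to the key at all.
    #    Characters 5-10 of the ls mode string are the group/other bits.
    perms=$(ls -ld "$key" 2>/dev/null | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "FAIL: $key is accessible to group or other (mode bits: $perms)"
        fails=$((fails + 1))
    fi

    [ "$fails" -eq 0 ] && echo "OK: $key and $crt look consistent"
    return "$fails"
}

# Run directly as: sh check_pair.sh NAME
if [ -n "${1:-}" ]; then check_pair "$1"; exit $?; fi
```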