[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Openldap and TLS issue

To: Ivan Ordonez <iordonez@nature.berkeley.edu>
Subject: Re: Openldap and TLS issue
From: ghenry@OpenLDAP.org
Date: Wed, 19 Nov 2008 17:19:40 +0000 (GMT)
Cc: Gavin Henry <ghenry@OpenLDAP.org>, openldap-technical@OpenLDAP.org
In-reply-to: <11912896.261227115124201.JavaMail.root@mail>

----- "Ivan Ordonez" <iordonez@nature.berkeley.edu> wrote:

> Looking at the debug log, it is expired. It puzzle me because the
> certs on the other two machine are working correctly.

Check their expiry dates with:

openssl x509 -in /usr/local/etc/openldap/ldap-slave_cert.pem -text
 
> Since this is the case (certificate expires), is it safe to create a
> new one for this machine?

Of course, then sign it with the cacert, something like:

./CA.sh -newreq
./CA.sh -sign

-- 
Kind Regards,

Gavin Henry.
OpenLDAP Engineering Team.

E ghenry@OpenLDAP.org

Community developed LDAP software.

http://www.openldap.org/project/

Prev by Date: Re: Openldap and TLS issue
Next by Date: RE: cont contact server since 3 days+please help
Index(es):
- Chronological
- Thread