[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: TLS certs needed for Provider and consumer
Am Tue, 1 Jun 2010 14:33:28 -0400
schrieb "Sotomayor, Vicente (ITD)" <Vicente.Sotomayor@state.ma.us>:
> Hello Everyone:
>
> Does anyone a have a link the shows what steps are needed to for
> creating certs for a Provider and Consumer? I've been able to do it
> for Provider, but I'm stuck on what to do for the consumer.
What do you want to achieve? Is it just a TLS session or in addition a
SASL EXTERNAL authentication?
A startTLS session requires olcSyncrepl: starttls=yes
tls_cacert=/path/to/CA, you may add tls_reqcert=demand.
A SASL EXTERNAL authentication in addition requires a user certificate
and a certificate key.
-Dieter
--
Dieter Klünter | Systemberatung
sip: +49.40.20932173
http://www.dpunkt.de/buecher/2104.html
GPG Key ID:8EF7B6C6