[Date Prev][Date Next] [Chronological] [Thread] [Top]

Another question about LDAP over SSL



Hi everyone.  I have another "duh" question.
 
I am writing software for a proprietary piece of hardware.  I will be using the C libraries for openldap.  I need to write some functions for LDAP so that the UI of the software has the option to authenticate a user via LDAP and LDAP over SSL.  Basically it will just act like a client that will Simple Bind to the LDAP server for authentication.
 
I read the document here.  http://www.openldap.org/faq/data/cache/185.html
 
I followed the instructions on the website to generate the SSL certs.
 
My question is, on the website above it says....
 
"You must also install a copy of the CA certificate on all of your client machines. Configuration is done in /usr/local/etc/openldap/ldap.conf:"
 
Does this mean I need to provide a way to the customer to manually transfer his/her CA cert the proprietary hardware, if they want to use LDAP over SSL???  Or when I use the Start TLS function, do the certs automatically get transfered behind the scene?
 
thanks