On 04/12/2011 02:20 PM, Quanah Gibson-Mount wrote:
--On Tuesday, April 12, 2011 9:57 PM +0200 Judith Flo Gaya <jflo@imppc.org> wrote:It can and does use PEM files. Everything in http://www.openldap.org/faq/data/cache/185.html also applies to using openldap with Mozilla NSS.I changed the ldap.conf file in the client so instead of TLS_CACERTDIR now I'm using TLC_CACERT <file.pem>MozNSS can't use pem files. It uses a cert database. So your MozNSS linked clients will never work if you point them at a OpenSSL style pem file.
Note that http://www.openldap.org/faq/index.cgi?file=1514 describes how to use openldap with the native MozNSS key/cert database. It works with both PEM files and key/cert dbs.
--Quanah -- Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration