[prev in list] [next in list] [prev in thread] [next in thread]
List: nssldap
Subject: Re: [nssldap] tls and nss_ldap
From: Andreas Hasenack <andreas () conectiva ! com ! br>
Date: 2001-12-23 15:50:33
[Download RAW message or body]
Em Wed, Dec 05, 2001 at 04:05:11PM -0500, David Krovich escreveu:
> I guess the thing I'm least sure about is the certificate signing. If
You can use this to create a self-signed certificate:
openssl req -new -x509 -nodes -out server.crt -keyout server.key
Answer with your hostname's fqdn to the common name question.
Check the TLS* configuration directives in slapd.conf and make
them point to these files you just generated. You should then have
start-tls capability when restarting the ldap server.
Another hint: you *have* to use the fqdn when accessing the ldap
server via tls/ssl, it has to be the same name as the one in the
certificate.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic