[prev in list] [next in list] [prev in thread] [next in thread]
List: pamldap
Subject: [pamldap] RE: SSL and Active Directory
From: "Vijayakumar Chinnasamy" <cvijay () hexaware ! com>
Date: 2004-01-21 12:35:39
Message-ID: 372DD7320F873B43929D49BFF86F950B03FD750B () mail3 ! hexaware ! com
[Download RAW message or body]
I got some more ideas with installing this pfx file. I used following commmands:
openssl pkcs12 -in certkey.pfx -out cacert.pem -nokeys -nodes
openssl pkcs12 -in certkey.pfx -out cakey.pem -nocerts -nodes
I extracted both certificate and key from this (cacert.pem and cakey.pem). I am not \
sure how to proceed further.
Someone please help!
-Vijay
-----Original Message-----
From: Vijayakumar Chinnasamy
Sent: Wednesday, January 21, 2004 5:44 PM
To: 'pamldap@padl.com'
Subject: SSL and Active Directory
Hi
I am struggling with this for hours. Hope someone can help me here.
I am trying to setup authentication through my Active Directory which is running in \
Windows 2000 Server. I am using a Redhat Linux 7.2 Client with PAM_LDAP and NSS_LDAP \
(Both with --enablessl).
I am able to get authenticated without using SSL. But my aim is to use LDAP over SSL \
for authentication. I have installed Certificate Services and High Encryption pack in \
my Windows 2000 Server to enable LDAPS. I have a certificate installed in my Windows \
2000 Server. I took a backup of this certificate (got a pfx file) and transferred to \
Redhat Linux Box.
I have to install a pfx file (Generated from a Windows 2000 Cetficate Server). How \
can i install the Certificates and keys in Linux Box?
I really appreciate any small ideas to proceed further. Also let me know what further \
attributes are required with /etc/ldap.conf.
Thanks
Vijay
[Attachment #3 (text/html)]
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2462.0" name=GENERATOR></HEAD>
<BODY>
<DIV><SPAN class=625462512-21012004><FONT face=Tahoma color=#0000ff size=2>I got
some more ideas with installing this pfx file. I used following
commmands:</FONT></SPAN></DIV>
<DIV><SPAN class=625462512-21012004><TT><FONT face=Arial color=#0000ff
size=3></FONT></TT></SPAN> </DIV>
<DIV><SPAN class=625462512-21012004><TT><FONT face=Arial color=#0000ff
size=3><STRONG>openssl pkcs12 -in certkey.pfx -out cacert.pem -nokeys
-nodes</STRONG></FONT></TT></SPAN></DIV>
<DIV><SPAN class=625462512-21012004><TT></TT><TT><FONT face=Arial color=#0000ff
size=3><STRONG>openssl pkcs12 -in certkey.pfx -out cakey.pem -nocerts
-nodes</STRONG></FONT></TT></SPAN></DIV>
<DIV><SPAN class=625462512-21012004><TT><FONT face=Arial
color=#0000ff></FONT></TT></SPAN> </DIV>
<DIV><SPAN class=625462512-21012004><TT><FONT face=Arial color=#0000ff>I
extracted both certificate and key from this (cacert.pem and cakey.pem). I am
not sure how to proceed further. </FONT></TT></SPAN></DIV>
<DIV><SPAN class=625462512-21012004><TT><FONT face=Arial
color=#0000ff></FONT></TT></SPAN> </DIV>
<DIV><SPAN class=625462512-21012004><TT><FONT face=Arial color=#0000ff>Someone
please help!</FONT></TT></SPAN></DIV>
<DIV><SPAN class=625462512-21012004><TT><FONT face=Arial
color=#0000ff></FONT></TT></SPAN> </DIV>
<DIV><SPAN class=625462512-21012004><TT><FONT face=Arial
color=#0000ff>-Vijay</FONT></TT></DIV></SPAN>
<BLOCKQUOTE dir=ltr style="MARGIN-RIGHT: 0px">
<DIV class=OutlookMessageHeader dir=ltr align=left><FONT face=Tahoma
size=2>-----Original Message-----<BR><B>From:</B> Vijayakumar Chinnasamy
<BR><B>Sent:</B> Wednesday, January 21, 2004 5:44 PM<BR><B>To:</B>
'pamldap@padl.com'<BR><B>Subject:</B> SSL and Active
Directory<BR><BR></FONT></DIV>
<DIV><SPAN class=Text><FONT face=Tahoma>Hi <BR><BR>I am struggling with this
for hours. Hope someone can help me <SPAN
class=765041212-21012004>here. </SPAN></FONT></SPAN></DIV>
<DIV><SPAN class=Text><FONT face=Tahoma><SPAN
class=765041212-21012004></SPAN></FONT></SPAN> </DIV>
<DIV><SPAN class=Text><FONT size=+0><SPAN
class=765041212-21012004></SPAN><FONT face=Tahoma><SPAN
class=765041212-21012004>I am trying to setup authentication through my
Active Directory which is running in Windows 2000
Server. </SPAN></FONT></FONT></SPAN></DIV>
<DIV><SPAN class=Text><FONT size=+0><FONT size=+0><FONT face=Tahoma><SPAN
class=765041212-21012004>I am using a Redhat Linux 7.2 Client with
PAM_LDAP and NSS_LDAP (Both with
--enablessl).</SPAN></FONT></FONT></FONT></SPAN></DIV>
<DIV><SPAN class=Text><FONT size=+0><FONT size=+0><FONT face=Tahoma><SPAN
class=765041212-21012004></SPAN></FONT></FONT></FONT></SPAN> </DIV>
<DIV><SPAN class=Text><FONT size=+0><FONT size=+0><FONT size=+0><SPAN
class=765041212-21012004></SPAN><FONT face=Tahoma><SPAN
class=765041212-21012004>I am able to get authenticated without using
SSL. But my aim is to use LDAP over SSL for authentication. I have installed
Certificate Services and High Encryption pack in my Windows 2000 Server to
enable LDAPS. I have a certificate installed in my Windows 2000 Server. I took
a backup of this certificate (got a pfx file) and transferred to Redhat Linux
Box. </SPAN> <BR><BR>I have to install a pfx file (Generated from a
Win<SPAN class=765041212-21012004>dow</SPAN>s 2000 Cetficate Server)<SPAN
class=765041212-21012004>. </SPAN>How can i install the Certificates and keys
in Linux Box? <BR><BR>I really appreciate any <SPAN
class=765041212-21012004>small ideas to proceed further. Also let me know what
further attributes are required with
/etc/ldap.conf.</SPAN><BR><BR>Thanks<BR>Vijay
</FONT></FONT></FONT></FONT></SPAN></DIV>
<DIV><FONT face=Tahoma size=2></FONT> </DIV></BLOCKQUOTE></BODY></HTML>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic