--On Tuesday, February 14, 2017 3:16 AM +0000 ryan(a)nardis.ca wrote:
I found that useful in a setup very similar to what Andreas and
Michael
describe: slapd with a server certificate issued by an external/public
CA, but trusting only a specific internal CA to authenticate clients.
I found this to be a very common scenario while working for Zimbra. Many
of the clients had a commercial sever cert but used their own CA for
internal client cert auth. It would be extremely helpful for OpenLDAP to
better support these types of configurations.
--Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<
http://www.symas.com>