Am 20.10.20 um 22:54 schrieb Howard Chu:
Stefan Kania wrote:
Am 20.10.20 um 22:20 schrieb Howard Chu:
Stefan Kania wrote:
But when I create a user or a server there is no certificate. In the manpage said:
Certificates for users and servers are generated on demand using a Search request
The manpage says, exactly:
Certificates for users and servers are generated on demand using a Search request returning only the userCertificate;binary and userPri‐ vateKey;binary attributes. Any Search for anything besides exactly these two attributes is ignored by the overlay.That's what I did:
I suggest you run test066 in the test suite and follow its steps.
Now it's working. My problem was I tried to override the objectClass for autoca with :
userClass inetOrgPerson
But this was not work. I removed the line from the config now searching for a user or a host the first time with: ------- ldapsearch -xZZ -LLL -D "cn=admin,dc=example,dc=net" -W "cn=user2 ldap" "userCertificate;binary" "userPrivateKey;binary" -------
the certificate and key will be created. Every search for the user the next time the certificate is listed without "userCertificate;binary" "userPrivateKey;binary".