Greetings,
I am learning to use OpenLDAP. I want to publish CA certificates and CRLs (in DER format) in an LDAP database. I came across this link ( http://www.tldp.org/HOWTO/archived/LDAP-Implementation-HOWTO/certificates.ht... ); it relates to publishing 1 certificate. However, I would like to be able to use one entry in the database to later access 2 objects by URL entry: (i) the so-called AuthorityInformationAccess (CA certificate location) and (ii) the CDP (CRL distribution point). So I have 2 questions:
QUESTION1
=========
I would like to know if I can publish 2 certificates and in the LDIF have something such as:
#-----------
dn: cn=certs,dc=example,dc=com
ObjectClass: Top
ObjectClass: ApplicationProcess
ObjectClass: SimpleSecurityObject
CertificateRevocationList::-------someBinaryFile
CACertificate::-------------------someBinaryFile
cn: certs
UserPassword: cert-password
QUESTION2
=========
If I have the binary files File_crl and CAcertificate, can I replace lines 5 and 6 above like this?
CertificateRevocationList;binary: < /path/to/someBinaryFile_File_crl
CACertificate;binary: < /path/to/someBinaryFile_CACertificate
and if so, which is recommended, file insertion or use of a pointer?
Advice on the above or better methods to proceed will be gratefully received.
Thanks in advance,
luxInteg
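
The two value forms asked about above, shown as an added example that is not part of the original post: LDIF (RFC 2849) can carry a DER value inline as base64 after `::` or by reference as a `file://` URL after `:<`. The `pkiCA` auxiliary class (RFC 4523), the helper names and the sample bytes are assumptions of this sketch; the `userPassword` part of the entry is left out.

```python
import base64

# Assumption: pkiCA (RFC 4523) is the class that permits cACertificate and
# certificateRevocationList; the DN is the one used in the post.
DN = "cn=certs,dc=example,dc=com"
# Constructed bytes standing in for a DER file; not a real certificate.
SAMPLE_CA = bytes(range(120))


def fold(line, width=76):
    """Fold a long LDIF line; continuation lines begin with one space."""
    if len(line) <= width:
        return line
    rest = line[width:]
    chunks = [rest[i:i + width - 1] for i in range(0, len(rest), width - 1)]
    return "\n".join([line[:width]] + [" " + c for c in chunks])


def value_line(attr, der=None, path=None):
    """One attribute line: inline base64 ('::') or file URL (':<')."""
    if (der is None) == (path is None):
        raise ValueError("give exactly one of der or path")
    if der is not None:
        return fold(f"{attr};binary:: {base64.b64encode(der).decode('ascii')}")
    # path must be absolute so the result is file:///abs/path
    return f"{attr};binary:< file://{path}"


def build_entry(ca, crl):
    """ca and crl are dicts: {'der': b'...'} or {'path': '/abs/file.der'}."""
    lines = [
        f"dn: {DN}",
        "objectClass: top",
        "objectClass: applicationProcess",
        "objectClass: pkiCA",
        "cn: certs",
        value_line("cACertificate", **ca),
        value_line("certificateRevocationList", **crl),
    ]
    return "\n".join(lines) + "\n"


def unfold_value(ldif, attr):
    """Recover an inline base64 value from LDIF text, undoing line folding."""
    for line in ldif.replace("\n ", "").splitlines():
        if line.startswith(f"{attr};binary:: "):
            return base64.b64decode(line.split(":: ", 1)[1])
    return None


if __name__ == "__main__":
    print(build_entry({"der": SAMPLE_CA}, {"path": "/path/to/crl.der"}))
```

Both forms store the same bytes in the directory; the `:<` form is resolved by the client that loads the LDIF, so the file must be readable where that client runs.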