On Mon, Apr 18, 2016 at 12:25 PM, Howard Chu hyc@symas.com wrote:
Prashanth P.Nair wrote:
Hi All
Currently my LDAP server is having self signed FQDN based SSL certificate .I would like to have IP based SSL certificate for the same node.IS that feasible ?
Yes. http://www.openldap.org/faq/data/cache/185.html
Below certificate issued to FQDN i.e CN=FQN.
TLSCACertificateFile /etc/ssl/ldap.pem TLSCertificateKeyFile /etc/ssl/ldap.pem TLSCertificateFile /etc/ssl/ldap.pem
Please advise on the same.
Br/Prashanth.P
Thank you Howard. I gone thorough the document,it says configuring modifying/creating the certificate with subjectAltName .
Is it possible have two separate SSL certificate for same node(IP and FQDN). like below.
TLSCACertificateFile /etc/ssl/ldap.pem TLSCertificateKeyFile /etc/ssl/ldap.pem TLSCertificateFile /etc/ssl/ldap.pem
TLSCACertificateFile /etc/ssl/ldap2.pem TLSCertificateKeyFile /etc/ssl/ldap2.pem TLSCertificateFile /etc/ssl/ldap2.pem