9 Oct
2013
9 Oct
'13
11:12 a.m.
but I can. As I mentioned in my original post, adding this to ~/.ldaprc or /etc/openldap/ldap.conf makes ldapsearch work perfectly fine:
HOST server.domain.com PORT 636 TLS_REQCERT allow
The problem is with applying this configuration to the one host while still setting my default configuration for SASL certificate-based authentication to everything else. How do I do that?
or, to ask the question differently, forget the fact that I'm dealing with an invalid cert. There's no need to to get hung up on that detail. I have one ldaprc configuration that I need to define for a host, and a default ldaprc configuration I need to define for all other hosts. How do I make them work together?
--
Jared
On 10/09/2013 01:06 PM, Michael Ströder wrote:
> Jared wrote:
>> expired and self-signed.
>
> You cannot work around expired certs. But in case of self-signed certs you can
> put them into trusted CA certs file.
>
> Ciao, Michael.
>