On 11/28/2013 03:16 AM, lux-integ wrote:
Greetings,
I am a complete beginner learning to use openldap.
I read through a few of the manuals online. I am finding the access-control manual ( http://www.openldap.org/doc/admin24/access-control.html ) the hardest to understand.
I would like to know if it is possible to authenticate users using p12 (pkcs12 certificates/key pair) and IF SO what would be
a) the standard schemas to be included in slapd.conf to make this possible?, b) the entry for olcAccess (in slapd.conf) for users to be authenticated via their p12 files?, c) the location and storage method in the database for these .p12 files?
or IF NOT SO what is the recommended equivalent to p12 files and how would they be deployed?
thanks in advance
sincerely luxInteg
A p12 file is no more than an x509 certificate and a private key; both can be used to configure ldaps or TLS on the client side. See, for example, http://www.openldap.org/faq/data/cache/1514.html
Regards.
Salvador Ortiz.
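
The split described in the reply above, as an added example that is not part of the original thread or of the OpenLDAP documentation: it extracts the certificate and key from a p12 bundle with `openssl`, checks that they belong together, and writes a per-user `ldaprc` using the `TLS_CERT` and `TLS_KEY` client options. The function names, output file names and the self-signed sample bundle are assumptions made for the example.

```shell
#!/bin/sh
# Added example: split a PKCS#12 bundle into the PEM files the OpenLDAP
# client reads, and write a per-user ldaprc that points at them.

# p12_to_ldaprc BUNDLE PASSIN OUTDIR   (hypothetical helper name)
# PASSIN is an openssl pass-phrase source such as env:P12_PASS or
# file:/path, so the password never appears on a command line.
p12_to_ldaprc() {
    p12=$1 passin=$2 out=$3
    mkdir -p "$out" || return 1
    # Client certificate only (no CA chain, no key), bag attributes stripped.
    openssl pkcs12 -in "$p12" -clcerts -nokeys -passin "$passin" |
        openssl x509 -out "$out/client-cert.pem" || return 1
    # The key is stored unencrypted, so create it readable by its owner only.
    ( umask 077
      rm -f "$out/client-key.pem"
      openssl pkcs12 -in "$p12" -nocerts -nodes -passin "$passin" |
          openssl pkey -out "$out/client-key.pem" ) || return 1
    # Refuse to continue if the key does not belong to the certificate.
    cert_pub=$(openssl x509 -in "$out/client-cert.pem" -noout -pubkey) || return 1
    key_pub=$(openssl pkey -in "$out/client-key.pem" -pubout) || return 1
    if [ "$cert_pub" != "$key_pub" ]; then
        echo "certificate and key in $p12 do not match" >&2
        return 1
    fi
    # TLS_CERT and TLS_KEY are user-only options (see ldap.conf(5)).
    printf 'TLS_CERT %s\nTLS_KEY %s\n' \
        "$out/client-cert.pem" "$out/client-key.pem" > "$out/ldaprc"
}

# make_sample_p12 BUNDLE   (hypothetical helper name)
# Constructed test input: a throwaway self-signed certificate and key,
# bundled with the pass phrase taken from $P12_PASS.
make_sample_p12() {
    tmp=$(mktemp -d) || return 1
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=constructed-user" \
        -keyout "$tmp/k.pem" -out "$tmp/c.pem" 2>/dev/null &&
    openssl pkcs12 -export -inkey "$tmp/k.pem" -in "$tmp/c.pem" \
        -out "$1" -passout env:P12_PASS
    rc=$?
    rm -rf "$tmp"
    return $rc
}
```

The client tools read the generated file when it is named `ldaprc` in the current working directory, or `ldaprc` / `.ldaprc` in the user's home directory.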