TLS certs needed for Provider and consumer - openldap-technical - openldap.org

List overview All Threads
Download

TLS certs needed for Provider and consumer

multiple instances

replication issue

Sotomayor, Vicente (ITD)

1 Jun 2010 1 Jun '10

11:33 a.m.

Hello Everyone:

Does anyone a have a link the shows what steps are needed to for creating certs for a Provider and Consumer? I've been able to do it for Provider, but I'm stuck on what to do for the consumer.

Thanks

Attachments:

attachment.htm (text/html — 614 bytes)

Reply

Show replies by date

Dieter Kluenter

1 Jun 1 Jun

11:13 p.m.

Am Tue, 1 Jun 2010 14:33:28 -0400 schrieb "Sotomayor, Vicente (ITD)" Vicente.Sotomayor@state.ma.us:

Hello Everyone:

Does anyone a have a link the shows what steps are needed to for creating certs for a Provider and Consumer? I've been able to do it for Provider, but I'm stuck on what to do for the consumer.

What do you want to achieve? Is it just a TLS session or in addition a SASL EXTERNAL authentication? A startTLS session requires olcSyncrepl: starttls=yes tls_cacert=/path/to/CA, you may add tls_reqcert=demand. A SASL EXTERNAL authentication in addition requires a user certificate and a certificate key.

-Dieter

-- Dieter Klünter | Systemberatung sip: +49.40.20932173 http://www.dpunkt.de/buecher/2104.html GPG Key ID:8EF7B6C6

Reply

5071

Age (days ago)

5072

Last active (days ago)

openldap-technical@openldap.org

1 comments

2 participants

tags (0)

participants (2)

Dieter Kluenter
Sotomayor, Vicente (ITD)