Hi all,
I just ty to figure out client certificates for the access to ldap. My problem I can't configure e.g. ldapsearch on windows properly. If I understood it right, I must define and store some directives within a ldap.conf (see an example at the bottom), But what I must do that e.g. ldapsearch will read the configuration?
Harald
URI ldaps://myldap.mydomain.de BASE OU=myOrg,O=mydomain,C=DE BINDDN CN=me,OU=USERS,OU=myorg,O=mydomain,C=DE
TLS_CACERT C:/OpenSSL-Win32/bin/demoCA/cacert.pem TLS_CERT C:/app/H23232/product/11.2.0/client_2/BIN/owm/wallets/H23232/clientcert.pem TLS_KEY C:/app/ H23232/product/11.2.0/client_2/BIN/owm/wallets/H23232/privateKeyOhnePass.pem
TLSCipherSuite HIGH:MEDIUM:+SSLv2 #TLS_REQCERT never #TLS_REQCERT allow #TLS_REQCERT try TLS_REQCERT demand
"Wallus, Harald Dr." Harald.Wallus@eon.com writes:
Hi all,
I just ty to figure out client certificates for the access to ldap. My problem I can’t configure e.g. ldapsearch on windows properly. If I understood it right, I must define and store some directives within a ldap.conf (see an example at the bottom), But what I must do that e.g. ldapsearch will read the configuration?
ldapsearch is a client operation and will read ldap.conf(5) either from default settings etc/openldap/ldap.conf or ~/ldaprc, ~/.ldaprc. You may set an environment variable LDAPCONF, see the manual page for further info.
-Dieter
Yes, it looks like that setting the system variable LDAPCONF, which directs to a ldap.conf-file do this trick. My problem is now, that the available precompiled versions for windows include only a legacy OpenSSL version, which leads to the problem using ldapsearch for secure, current LDAP services. Maybe I compile a current version. Thank for help.
Harald
-----Original Message----- From: openldap-technical-bounces@OpenLDAP.org [mailto:openldap-technical-bounces@OpenLDAP.org] On Behalf Of Dieter Kluenter Sent: Donnerstag, 22. Juli 2010 08:45 To: openldap-technical@openldap.org Subject: Re: Client Configuration on Windows
"Wallus, Harald Dr." Harald.Wallus@eon.com writes:
Hi all,
I just ty to figure out client certificates for the access to ldap. My problem I can’t configure e.g. ldapsearch on windows properly. If I understood it right, I must define and store some directives within a ldap.conf (see an example at the bottom), But what I must do that e.g. ldapsearch will read the configuration?
ldapsearch is a client operation and will read ldap.conf(5) either from default settings etc/openldap/ldap.conf or ~/ldaprc, ~/.ldaprc. You may set an environment variable LDAPCONF, see the manual page for further info.
-Dieter
openldap-technical@openldap.org
-
Dieter Kluenter -
Wallus, Harald Dr.