From: Omer Faruk Sen (ofsenlinux@yahoo.com)
Date: Thu 01 Mar 2001 - 19:33:21 EET
selamlar.
Gecenlerde birkac mailde ldap'a ssl destegi nasil
veriliri konusmustuk.
En azindan bir adres vereyim uzun uzadiya anlatmiyayim
Bu adresi daha onceden gormemistim
http://www.openldap.org/faq/data/cache/185.html
birde openldap mail listesinden direk copy-paste
yapiyorum
-----------------------------------------
here are the relevant pieces of what i have in my
slapd.conf:
TLSCertificateFile /etc/openldap/server.pem
TLSCertificateKeyFile /etc/openldap/server.pem
TLSCACertificateFile /etc/openldap/server.pem
replogfile /etc/openldap/slurpd.replog
replica host=192.168.1.2:389
binddn="cn=manager,dc=example,dc=net"
bindmethod=simple
credentials=mypasswd
tls=yes
you should generate the key like this:
# openssl req -new -x509 -nodes -out server.pem
-keyout server.pem
-days 365
note. this used to work great for me however since i
recompiled to use
a
non-standard location (--prefix=/opt/openldap-2.0.7-1)
i've found that
tls
based replication does not work, though "ldapsearch
-ZZ ..." does work.
i
have yet to find a solution to this.
----------
Boylece ssl i hallettik ama sasl'i hala cozemedim :(
Bunu kendim deneyecegim eger problemle karsilasirsam
ve cozumunu bulursam listeye atarim
=====
YILDIZ UNIVERSITESI
ELEKTRONIK ve HABERLESME
http://www.faruk.net
ofsen@istanbul.linux.org.tr
ofsen@yahoo.com
__________________________________________________
Do You Yahoo!?
Get email at your own domain with Yahoo! Mail.
http://personal.mail.yahoo.com/
Listeden cikmak icin:
unsub linux
mesajini listeci@bilkent.edu.tr adresine gonderiniz.
Lutfen Listeci icin MIME / HTML / Turkce Aksan kullanmayin.
Listeci arayuzu: http://listweb.bilkent.edu.tr/yardim/bilkent/linux.html
Liste arsivinin adresi: http://listweb.bilkent.edu.tr/