Re: [Evolution] evolution 1.4.5 + LDAP + TLS problem

From: Tony Earnshaw <tonye billy demon nl>
To: Evolution list <evolution lists ximian com>
Subject: Re: [Evolution] evolution 1.4.5 + LDAP + TLS problem
Date: Mon, 22 Mar 2004 13:48:08 +0100

man, 22.03.2004 kl. 11.55 skrev Vincent Jaussaud:

Actually, that's pretty useless. One of the best sites I know for that
kind of thing is www.mod_ssl.org, but that's mostly concentrated on
Apache and SSL. Here's an o.k. url:

http://www.openldap.org/pub/ksoper/OpenLDAP_TLS_howto.html#5.0


I tried with the following options in my /etc/openldap/ldap.conf:

HOST   fqdn.host
PORT    636
TLS_CACERT      /tmp/mycompanyCA.pem
TLS_REQCERT     never


ldap.conf has nothing to do with this ;) You should be looking at
slapd.conf. I use the same server cert/private key/CA cert combo for
both Postfix and Openldap, but obviously each one has to be configured
differently and the respective server uids have to have read access to
the server certs, everyone the CA cert.

Evo's LDAP client doesn't need a cert and doesn't complain about
self-signed certs - not 1.4.x, anyway.

--Tonni

-- 

mail: billy - at - billy.demon.nl
http://www.billy.demon.nl

Follow-Ups:
- Re: [Evolution] evolution 1.4.5 + LDAP + TLS problem
  - From: Vincent Jaussaud

References:
- [Evolution] evolution 1.4.5 + LDAP + TLS problem
  - From: Vincent Jaussaud
- Re: [Evolution] evolution 1.4.5 + LDAP + TLS problem
  - From: Tony Earnshaw
- Re: [Evolution] evolution 1.4.5 + LDAP + TLS problem
  - From: Vincent Jaussaud
- Re: [Evolution] evolution 1.4.5 + LDAP + TLS problem
  - From: Vincent Jaussaud
- Re: [Evolution] evolution 1.4.5 + LDAP + TLS problem
  - From: Tony Earnshaw
- Re: [Evolution] evolution 1.4.5 + LDAP + TLS problem
  - From: Tony Earnshaw
- Re: [Evolution] evolution 1.4.5 + LDAP + TLS problem
  - From: Vincent Jaussaud

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]