--- Mark McLoughlin <markmc at redhat.com> wrote: > On Mon, 2006-01-09 at 20:56 +0100, Jo De Troy wrote: > > Hi Susan, > > > > yes it is. Below you can see my /etc/openldap/ldap.conf > > # > > HOST ldapserver > > BASE dc=example,dc=com > > TLS_REQCERT allow > > TLS_CACERT /etc/openldap/cacerts/cacert > > > > The openssl command Mark pointed to works fine. From that output I > > grabbed the CAcert and stored it the file I'm referencing in > > the /etc/openldap/ldap.conf you only need the cert if you are doing client-based certificate authentication. Is that what you want? If all you need is server-based, then there's no need to put certs on the clients. __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
