Hi all, I'm testing the 389 DS on centos 6 and I had a problem with the certmap.conf file. The certmap.conf file exists (and there is no symlink between them) at 2 locations : /etc/dirsrv/config and /etc/dirsrv/slapd-instancename. The documentation https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Managing_SSL-Using_Certificate_Based_Authentication.html#sect-Console_Guide-Using_Client_Authentication-Editing_the_certmap.conf_File says that we need to edit /etc/dirsrv/config/certmap.conf, but during my testing, after modifying this file and restarting the server, the mapping did not work. And I needed to edit the conf file in the slapd-instancename to be able to authenticate via a client-certificate. It seems that /etc/dirsrv/config/certmap.conf is not used at all ( I removed the file, restarted the server and authentication was working). I don't know if I missed something but is the documentation outdated about this point ? And what is the purpose of /etc/dirsrv/config/certmap.conf ? By the way, in some examples of the documentation, the DNComps property has the DC keyword but this attribute is not listed in the available RDN keywords. Should I open a bugzilla report about this ? I must also say that the documentation about 389 DS has impressed me by its very high quality and quantity of information therein. Best regards, -- Alan Cox wrote: > Linus Torvalds wrote: > > And quite frankly, if your disk can push 50MB/s through a 1kB > > non-contiguous filesystem, then my name is Bugs Bunny. > > Hi Bugs 8), previously Frodo Rabbit, .. I think you watch too much > kids tv 8) Three kids will do that to you. Some day, you too will be there. - Linus Torvalds and Alan Cox on linux-kernel
Attachment:
signature.asc
Description: PGP signature
-- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
