|
On 02/06/2013 06:55 AM, yp wrote:
Hi all, I'm testing the 389 DS on centos 6 and I had a problem with the certmap.conf file. The certmap.conf file exists (and there is no symlink between them) at 2 locations : /etc/dirsrv/config and /etc/dirsrv/slapd-instancename. The documentation https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Managing_SSL-Using_Certificate_Based_Authentication.html#sect-Console_Guide-Using_Client_Authentication-Editing_the_certmap.conf_File says that we need to edit /etc/dirsrv/config/certmap.conf, but during my testing, after modifying this file and restarting the server, the mapping did not work. And I needed to edit the conf file in the slapd-instancename to be able to authenticate via a client-certificate. Right. Please file a doc bug. It is used as the template for creating new instances.It seems that /etc/dirsrv/config/certmap.conf is not used at all ( I removed the file, restarted the server and authentication was working). I don't know if I missed something but is the documentation outdated about this point ? And what is the purpose of /etc/dirsrv/config/certmap.conf ? Please file a doc bug. By the way, in some examples of the documentation, the DNComps property has the DC keyword but this attribute is not listed in the available RDN keywords. Should I open a bugzilla report about this ? Yes. DC has been in there forever - not sure why it was missed in the docs. I must also say that the documentation about 389 DS has impressed me by its very high quality and quantity of information therein. Thanks! Best regards, |
-- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
