On 10/21/2014 05:29 AM, Graham Leggett wrote:
Hi all, I am trying to research how it might be possible to do a directory search for an exact match on a digital certificate storing in userCertificate. Most specifically, I want to do a simple lookup based on a binary match of the cert, its not enough to do the combination of DN and serial number. Does anyone know whether a simple search will work with 389ds or if there are any gotchas to look out for?
A simple equality search should work.
Some googling would suggest that openldap can’t do it, I was wondering if 389ds had the same problem.
389 doesn't support the certificate syntax and matching rules https://fedorahosted.org/389/ticket/215
389 uses octetString for the syntax and matching rules for userCertificate
Regards, Graham — -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
-- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
