> I also would like to know if pam-ldap support certificate-based > client authentication which mean the ldap client will send its own > certificate for ldap server to authenticate. If you are looking at using cert's to authenticate the user that pam_ldap is authenticating, you can't do it (AFAIK). Pam-ldap will use a client cert to authenticate itself to the server, where it can then authenticate the user by the password it asked for. Ben -- -----------=======-=-======-=========-----------=====------------=-=------ / Ben Collins -- ...on that fantastic voyage... -- Debian GNU/Linux \ ` bcollins@debian.org -- bcollins@openldap.org -- bcollins@linux.com ' `---=========------=======-------------=-=-----=-===-======-------=--=---'
