On 10/21/2014 05:29 AM, Graham Leggett wrote:
Hi all,
I am trying to research how it might be possible to do a directory search for
an exact match on a digital certificate storing in userCertificate. Most
specifically, I want to do a simple lookup based on a binary match of the cert,
its not enough to do the combination of DN and serial number.
Does anyone know whether a simple search will work with 389ds or if there are
any gotchas to look out for?
A simple equality search should work.
Some googling would suggest that openldap can’t do it, I was wondering if 389ds
had the same problem.
389 doesn't support the certificate syntax and matching rules
https://fedorahosted.org/389/ticket/215
389 uses octetString for the syntax and matching rules for userCertificate
Regards,
Graham
—
--
389 users mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/389-users
--
389 users mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/389-users
