Author: jfthomps
Date: Wed Nov 27 14:16:10 2013
New Revision: 1546042
URL: http://svn.apache.org/r1546042
Log:
added real content
Modified:
vcl/site/trunk/content/docs/ldap-showhostname.mdtext
Modified: vcl/site/trunk/content/docs/ldap-showhostname.mdtext
URL:
http://svn.apache.org/viewvc/vcl/site/trunk/content/docs/ldap-showhostname.mdtext?rev=1546042&r1=1546041&r2=1546042&view=diff
==============================================================================
--- vcl/site/trunk/content/docs/ldap-showhostname.mdtext (original)
+++ vcl/site/trunk/content/docs/ldap-showhostname.mdtext Wed Nov 27 14:16:10
2013
@@ -16,4 +16,23 @@ Notice: Licensed to the Apache Softwa
specific language governing permissions and limitations
under the License.
-stub page
\ No newline at end of file
+The hostname in an SSL certificate used for LDAP must match the hostname
entered in
+the conf.php file (this is the SSL certificate actually installed on the LDAP
server,
+not the CA certificate). If you have no control over making it match, you can
just put
+an entry in /etc/hosts with the IP of the LDAP server and the hostname that is
in
+the certificate. To view the hostname in the certificate, you need a file
containing
+the certificate (mycert.pem is used in the example). Run the following command
to see
+the hostname that is set in the certificate:
+
+<pre>
+openssl x509 -in /tmp/mycert.pem -subject -noout
+</pre>
+
+You should see something like:
+
+<pre>
+subject= /OU=Domain Control Validated/CN=ldap.example.edu
+</pre>
+
+The hostname is after the **CN=** part. So, **ldap.example.edu** is the
hostname in
+this example.
\ No newline at end of file
