man, 22.03.2004 kl. 11.55 skrev Vincent Jaussaud: > > Actually, that's pretty useless. One of the best sites I know for that > > kind of thing is www.mod_ssl.org, but that's mostly concentrated on > > Apache and SSL. Here's an o.k. url: > > > > http://www.openldap.org/pub/ksoper/OpenLDAP_TLS_howto.html#5.0 > > > > I tried with the following options in my /etc/openldap/ldap.conf: > > HOST fqdn.host > PORT 636 > TLS_CACERT /tmp/mycompanyCA.pem > TLS_REQCERT never
ldap.conf has nothing to do with this ;) You should be looking at slapd.conf. I use the same server cert/private key/CA cert combo for both Postfix and Openldap, but obviously each one has to be configured differently and the respective server uids have to have read access to the server certs, everyone the CA cert. Evo's LDAP client doesn't need a cert and doesn't complain about self-signed certs - not 1.4.x, anyway. --Tonni -- mail: billy - at - billy.demon.nl http://www.billy.demon.nl _______________________________________________ evolution maillist - [EMAIL PROTECTED] http://lists.ximian.com/mailman/listinfo/evolution
