Natxo Asenjo wrote:
hi rob,

On Mon, May 18, 2015 at 3:46 PM, Rob Crittenden <
<>> wrote:

    Natxo Asenjo wrote:

        On Sat, May 16, 2015 at 10:24 PM, Natxo Asenjo
        < <>
        < <>>>


             If I retrieve the usercertificate attribute for host
        objects I get
             some gibberish.

             How can I decode the info I get from ldapsearch?

        maybe there is a way to feed that to openssl. What I ended up
        doing was
        using Perl and Crypt::X509 and I can see all the certificate

    They are DER-encoded files. Something like this will show the contents:

    $ openssl x509 -text -in /tmp/file

$ openssl x509 -text -in ldapsearch-usercertificate-ZWnfJL
unable to load certificate
139637925009264:error:0906D06C:PEM routines:PEM_read_bio:no start
line:pem_lib.c:703:Expecting: TRUSTED CERTIFICATE

Apparently it misses some stuff.

You could try adding -inform  DER

As I wrote, I already got what I needed using perl, but maybe there are
other ways.


Manage your subscription for the Freeipa-users mailing list:
Go to for more info on the project

Reply via email to