I'm following the instruction in the OpenCA guide for using dc-style (using
OpenCA 0.9.1-OpenLDAP 2.0.23).
The problem is I can't load CA Cerificate to OpenLDAP with schemacheck
enabled.
OpenLDAP complains about the need of a "o=" component when the objectclass
"organization" is used.
After some tries, i made it work by commenting out line 345 in file
$OPECADIR/openca/lib/functions/ldap-utils.lib as shown below
--------------[line 337-347]-----------------------------------
## insert the different types
##// attention: I don't insert here a CA!!!
## this most be done otherwise because I cannot declare
## any o and ou to be a (sub)CA
my @attr;
if ($add_dn =~ /^\s*(cn|dc|sn|email|emailAddress|serialNumber)\s*=.*$/i)
{
if ($obj->getParsed()->{IS_CA}) {
push @attr, 'objectclass' => [ 'top',
# 'organization',
'certificationAuthority'
];
---------------------------------------------------------------
I'd like to know if this is the correct solution to the problem and if this
could break something.
Thanks.
Alessandro.
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users
