Hello everybody,
I have just started a new thread simplifying the
context of my last post ( Re: [Openca-Users] OpenLDAP
help, plz), I guess :-).
I want to know how I should configure that file
(ldap.xml) to be able to upload my certificates that
have special OIDs in them, actually almost all the
certificates have these OIDs.
For example, one of the OIDs is:
1.3.6.1.4.1.4710.1.3.1
This OID represents a unique code that every citizen
has in my country.
So,
1. how should I configure it in ldap.xml?
2. Do I have to make changes in openldap schema files?
For 1, I have done this:

<rdn>
    <attributetype>certCedula</attributetype>
    <may>
        <attributetype>serialNumber</attributetype>
        <attributetype>mail</attributetype>
        <attributetype>emailAddress</attributetype>
        <!--change 3 added lines-->
        <attributetype>certCedula</attributetype>
        <attributetype>certNit</attributetype>
        <attributetype>street</attributetype>
        <!--change 3 added lines-->
        <attributetype>ou</attributetype>
        <attributetype>o</attributetype>
        <attributetype>st</attributetype>
        <attributetype>l</attributetype>
    </may>
    <structural>
        <objectclass>person</objectclass>
        <objectclass>organizationalPerson</objectclass>
        <objectclass>inetOrgPerson</objectclass>
    </structural>
    <auxiliary>
        <objectclass>opencaEmailAddress</objectclass>
        <objectclass>opencaUniquelyIdentifiedUser</objectclass>
        <objectclass>pkiUser</objectclass>
    </auxiliary>
</rdn>

Supposing that certCedula is the name of the OID, but
3. where do I give it the name?
For this point I tried doing some additions in
/etc/openldap/schema/core.schema
like this:

attributetype ( 1.3.6.1.4.1.4710.1.3.1
    NAME 'certCedula'
    DESC 'Representa la cedula de un ciudadano'
    EQUALITY caseIgnoreMatch
    SUBSTR caseIgnoreSubstringsMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256}
    SUP name )

Is this OK?
And I added them at the end of the object class
organizationalPerson like this:

objectclass ( 2.5.6.7 NAME 'organizationalPerson'
    DESC 'RFC2256: an organizational person'
    SUP person STRUCTURAL
    MAY ( title $ x121Address $ registeredAddress $ destinationIndicator $
        preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
        telephoneNumber $ internationaliSDNNumber $
        facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
        postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l $
        certNit $ certCedula ) )

I'm completely scrambled here :-(
Does anyone know how to configure this?
Thanks,
Johnny
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users