Hi thank you very much John, I'll try the procedure you gave to me as soon as I can.
I'd like to ask you a few things - they are design things, that is 1 - I read somewhere in openca that OpenSSL is case-sensitive, ... so that DC= is different from dc=. But OpenLDAP is not case-sensitive. So my question is: do I have to rewrite all my object identifiers uppercase to have OpenCA working with OpenLDAP because OpenSSL is case sensitive? So that I have to replace everything uppercase, for example OU=Users,DC=acme,DC=local? 2 - I want to put everything is OpenCA under the subtree cn=openca,ou=Certificates,ou=Services,dc=acme,dc=local and I use the DN cn=openca,ou=Certificates,ou=Services,dc=acme,dc=local also to authenticate against the LDAP server - but I noticed that I got an error that says that bind DN and base DN conflicts. Is it true? Of course they are the same, but do you know why I cannot build a subtree under my bind DN? I use an ACL to allow just the bindDN itself to walk throught the baseDN subtree - and I did the same with other services Thank you for your help Marco Carcano ------------------------------------------------------------------------------ This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev _______________________________________________ Openca-Users mailing list Openca-Users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openca-users
