On Wednesday, 7 July 2010 23:06:40 Bryan Boone wrote:
> Hi everyone. I am kinda a noob to OpenLDAP and SSL for that matter.
>
> I am writing a web page that resides on a special piece of proprietary
> hardware (not a PC) that I need authentication for (running linux with
> apache server). I would like LDAP to be one of the authentication methods
> (this hardware will be a LDAP client) when a customer logs into the web
> page of my device. Of course I need this to support LDAP with SSL.
>
> I went to the openldap website and found the directions to create and
> generated the SSL certs and installed them in openLDAP (3 total). There
> is the server cert and key, and then the client cert.
>
> You know how when connecting to a https:// website IE, or firefox will
> prompt you if you want to accept the SSL certificate (if the cert is not
> signed by a CA)? Does openldap provide a mechanism that will accomplish
> the same thing (automatic client cert acceptance)?

No.

> Or will I need to
> provide a way on my hardware where the customer can manually upload his/her
> client cert to the device?

If you want SSL cert validation, you must either ship with the CA certs you
want, or provide a means to upload a CA cert.

Regards,
Buchan
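
An added example, not part of the original thread and not OpenLDAP project code: one way a device could handle the "upload a CA cert" option from the reply above, checking the upload before pointing the LDAP client at it. It assumes Python is available on the device; the function names and the `uploaded-ca.pem` file name are hypothetical, while `TLS_CACERT` and `TLS_REQCERT` are standard ldap.conf options.

```python
import os
import ssl


class RejectedCA(ValueError):
    """The uploaded data is not usable as a CA certificate."""


def validate_ca_pem(pem_text):
    """Return the number of CA certificates in pem_text, or raise RejectedCA."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    try:
        # OpenSSL parses the PEM; garbage or truncated uploads fail here.
        ctx.load_verify_locations(cadata=pem_text)
    except (ssl.SSLError, TypeError, ValueError) as exc:
        raise RejectedCA("not a PEM certificate: %s" % exc)
    stats = ctx.cert_store_stats()
    # Refuse bundles that contain anything other than CA certificates,
    # for example a server or client certificate uploaded by mistake.
    if stats["x509_ca"] == 0 or stats["x509_ca"] != stats["x509"]:
        raise RejectedCA("upload contains a non-CA certificate")
    return stats["x509_ca"]


def render_ldap_conf(ca_path):
    """ldap.conf lines that trust only the uploaded CA and require validation."""
    # 'demand' aborts the connection if the server certificate does not verify;
    # 'never' or 'allow' would accept any certificate without checking it.
    return "TLS_CACERT %s\nTLS_REQCERT demand\n" % ca_path


def install_ca(pem_text, conf_dir):
    """Validate first, then write the CA file and the client configuration."""
    validate_ca_pem(pem_text)
    ca_path = os.path.join(conf_dir, "uploaded-ca.pem")  # hypothetical name
    with open(ca_path, "w") as fh:
        fh.write(pem_text)
    conf = render_ldap_conf(ca_path)
    with open(os.path.join(conf_dir, "ldap.conf"), "w") as fh:
        fh.write(conf)
    return conf


if __name__ == "__main__":
    import tempfile
    try:
        # Constructed bad upload: plain text instead of a PEM certificate.
        install_ca("this is not a certificate", tempfile.mkdtemp())
    except RejectedCA as exc:
        print("rejected:", exc)
```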
