At 20:17 21.07.99 +0200, you wrote:
>Hi,
Hello,

>I am a member of the OpenLDAP core and I have been glueing together the
>OpenLDAP slapd (the standalone LDAP server) with OpenSSL.  It was easy
>and most complications came from it being a multithreaded program that
>also does non-blocking I/O, that is, a real pig.
Fine...

>OK, now I have run into a problem.  I don't manage to convince Netscape
>Communicator to send the client certificate when using LDAP.  The same
>certificate is sent correctly to Apache/mod_ssl.  All that said,
>everything would point at my direction, right?  Well, I have been for
>several days fighting this and I am not so sure.  If I tell the Address
>Book that my LDAP server is my Apache/mod_ssl, then it fails too for
>the same reason:
>
>[error] OpenSSL: error:140890C7:SSL
>routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
>[Hint: No CAs known to server for verification?]

You must specify a list of CA certificates.
Only if Netscape has a client certificate signed by
one of the certificates in the list,
it will send a client certificate...

Should be in the FAQ...


By

Goetz

-- 
Goetz Babin-Ebell                      mailto:[EMAIL PROTECTED]
TC Trust Center for Security           http://www.trustcenter.de
in Data Networks GmbH                  Tel.: +49-40-766 29 3301
Am Werder 1 / 21073 Hamburg / Germany  Fax.: +49-40-766 29 577
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
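
An added example, not part of the original message and not OpenSSL or Netscape code: the rule from the reply, modelled on the certificate_authorities list that a server sends in its SSLv3/TLS 1.0 CertificateRequest (the list an OpenSSL server fills with SSL_CTX_set_client_CA_list()). The function name `issuer_acceptable` and all sample bytes are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample data: DER encodings of the Names "CN=A" and "CN=B". */
static const unsigned char DN_A[] = {0x30,0x0C,0x31,0x0A,0x30,0x08,0x06,0x03,0x55,0x04,0x03,0x13,0x01,0x41};
static const unsigned char DN_B[] = {0x30,0x0C,0x31,0x0A,0x30,0x08,0x06,0x03,0x55,0x04,0x03,0x13,0x01,0x42};
/* Constructed CertificateRequest bodies: one type (rsa_sign), then the CA list. */
static const unsigned char REQ_WITH_CA[] = {0x01,0x01, 0x00,0x10, 0x00,0x0E,
    0x30,0x0C,0x31,0x0A,0x30,0x08,0x06,0x03,0x55,0x04,0x03,0x13,0x01,0x41};
static const unsigned char REQ_EMPTY[] = {0x01,0x01, 0x00,0x00}; /* no CAs listed */

/* Read a big-endian 16-bit length prefix. */
static size_t rd16(const unsigned char *p) { return ((size_t)p[0] << 8) | p[1]; }

/*
 * Walk an SSLv3/TLS 1.0 CertificateRequest body:
 *   certificate_types:       1-byte length, then the type bytes
 *   certificate_authorities: 2-byte length, then DistinguishedNames,
 *                            each with its own 2-byte length prefix
 * Returns 1 if the client certificate's issuer Name is in the list,
 * 0 if it is not (including an empty list), -1 if the body is malformed.
 */
int issuer_acceptable(const unsigned char *body, size_t len,
                      const unsigned char *issuer, size_t issuer_len)
{
    size_t off, end, n;
    int found = 0;

    if (len < 1 || (size_t)body[0] + 3 > len) return -1;
    off = 1 + (size_t)body[0];            /* skip certificate_types */
    n = rd16(body + off);
    off += 2;
    if (n != len - off) return -1;        /* list must fill the rest of the body */
    end = off + n;
    while (off < end) {
        if (end - off < 2) return -1;
        n = rd16(body + off);
        off += 2;
        if (n > end - off) return -1;     /* name runs past the list */
        if (n == issuer_len && memcmp(body + off, issuer, n) == 0) found = 1;
        off += n;
    }
    return found;
}

int main(void)
{
    printf("CA listed, cert issued by CN=A: %d\n", issuer_acceptable(REQ_WITH_CA, sizeof REQ_WITH_CA, DN_A, sizeof DN_A));
    printf("empty CA list, same cert:       %d\n", issuer_acceptable(REQ_EMPTY, sizeof REQ_EMPTY, DN_A, sizeof DN_A));
    return 0;
}
```

A result of 0 corresponds to the client holding back its certificate, which the server then logs as "peer did not return a certificate".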
