Thanks for you input Rafeeq
Ok so maybe I should clearify the situation a bit more. I have the official openssl O'Reilly book so I didn't really need help using the openssl command line. I have an on going and viable CA and have been issueing certificate for authentication for sometime now. My question is mainly concerned with getting LDAPS working on M$ NT2003 servers. Here are the steps I've taken. 1. Using M$ cert mananger create a certificate request. 2. Get request to Linux/openssl for signing I use the openssl extension process to include "Server Authentication" according to the M$ document link contained within this e-mail. 3. Sign certificate and openssl x509 -in msserv.cert -noout -text -purpose to test certificate 4. Get new certificate over to M$ NT2003 and inport into the computer's person certificate storage. Also note that we have include our root certificate in the trusted root storage area on the server. port 636 doesn't indeed appear to be listening however all attempt to connect fail. NT logs show "can't find private key for server certificate". If anyone has successfully made NT 2003 work with openssl certificate on LDAPS or has an idea why the server can't find the private I would be appreciative. thanks group! --- Rafeeq Ahmed <[EMAIL PROTECTED]> wrote: > Hi ray > > check this > http://www.madboa.com/geek/openssl/ > > regards > Rafeeq > > On Mon, 28 Feb 2005 10:35:27 -0800 (PST), ray v > <[EMAIL PROTECTED]> wrote: > > I'm trying to get our domain controllers to make > use > > of certificates generated by our openssl based CA. > Is > > there documentation out there on how to make this > work > > correctly? Any pointers would be appreciated! > > > > Requirements for making third-party certificates > work > > > http://support.microsoft.com/default.aspx?scid=kb;en-us;291010 > > > > __________________________________ > > Do you Yahoo!? > > Yahoo! Mail - Helps protect you from nasty > viruses. > > http://promotions.yahoo.com/new_mail > > > ______________________________________________________________________ > > OpenSSL Project > http://www.openssl.org > > User Support Mailing List > openssl-users@openssl.org > > Automated List Manager > [EMAIL PROTECTED] > > > __________________________________ Do you Yahoo!? Yahoo! Mail - Easier than ever with enhanced search. Learn more. http://info.mail.yahoo.com/mail_250 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
