AW: AW: Fedora 2 und OpenLDAP Server
Dirk Westfal
livelinux at nwst.de
Mon Nov 1 12:41:06 UTC 2004
On Monday 01 November 2004 13:32, Frank Büttner wrote:
Mann hab` ich heute eine Leitung - der Server versucht natuerlich das CLIENT
Certifikat zu lesen ...
Also brauchst Du das hier:
TLSVerifyClient <level>
Specifies what checks to perform on client certificates in an
incoming TLS session, if any. The <level> can be specified as
one of the following keywords:
never This is the default. slapd will not ask the client for a
certificate.
allow The client certificate is requested. If no certificate
is provided, the session proceeds normally. If a bad
certificate is provided, it will be ignored and the
session proceeds normally.
try The client certificate is requested. If no certificate
is provided, the session proceeds normally. If a bad
certificate is provided, the session is immediately
terminated.
Es sei denn Du willst tatsaechlich auf beiden Seiten Certs einzetzen.
Aber ich wuerde es sowieso erstmal nur mit einer Seite versuchen.
Gruesse,
Dirk
--
http://www.linux4all.de/livecd
More information about the Fedora-de-list
mailing list