Openldap userCertificate;binary:< file question

Previous Topic Next Topic
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Openldap userCertificate;binary:< file question

Chevalier, Victor T.
Hello All,

I was wondering what you all thought about this problem I have

All the googling and open information suggests that loading a
certificate into openldap in an ldif file should be in PEM format.

However my ldif looks like this:

userCertificate;binary:< file:///home/vchevalier/myCA/vchevalier.crt

But the only way I can get this certificate to load into the ldap server
is to do the following.

openssl x509 -inform PEM -in vchevalier.crt -outform DER -out

Then I change my ldif section to

userCertificate;binary:< file:///home/vchevalier/myCA/vchevalier.der

And it magically works.

Now forgive my ignorance as I am new to ldap, but this is DER format,

So when polling an LDAP server should I be load certificates from LDAP
into a DER or PEM structure as it appears that openldap loads only DER
and all the google information is wrong!

What gives!

OpenSSL Project                       
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]