RE: [squid-users] Ldap squid novell

From: Nicholas Ritter <ritter@dont-contact.us>
Date: Wed, 07 May 2003 10:17:15 -0500

-----Original Message-----
From: Henrik Nordstrom [mailto:hno@squid-cache.org]
Sent: Tuesday, May 06, 2003 4:59 PM
To: ritter@hermes.lfc.edu; dorsolini
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] Ldap squid novell

> Otherwise, export the SSL certificate that your LDAP/edirectory
> server is using, and import it into the linux box running squid,
> this way your squid box can do encrypted authentication.

> There should be no need to export the certificate. How do you intend
> to use this exported certificate?

SSL connection to a NetWare based LDAP server is not possible without
sharing the netware tree root CA certificate and/or the LDAP cert. I think
it is just the root CA cert, but this may depend on the client. iPlanet
authentication against netware LDAP is the same issue. I think the reason is
that the cert can't be verified with the public key of the signing authority
for the cert.

All I know is we couldn't get it to work otherwise, but I could have easily
missed something.

Nick
Received on Wed May 07 2003 - 09:17:01 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:16:20 MST