[389-users] questions about client certificate-base authentication
yp
ypagani at aps.edu.pl
Thu Feb 7 08:22:03 UTC 2013
Dnia 2013-02-06, o godz. 07:28:19
Rich Megginson <rmeggins at redhat.com> napisaĆ(a):
> On 02/06/2013 06:55 AM, yp wrote:
> > Hi all,
> >
> > I'm testing the 389 DS on centos 6 and I had a problem with the
> > certmap.conf file.
> >
> > The certmap.conf file exists (and there is no symlink between them)
> > at 2 locations : /etc/dirsrv/config
> > and /etc/dirsrv/slapd-instancename. The documentation
> > https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Directory_Server/9.0/html/Administration_Guide/Managing_SSL-Using_Certificate_Based_Authentication.html#sect-Console_Guide-Using_Client_Authentication-Editing_the_certmap.conf_File
> > says that we need to edit /etc/dirsrv/config/certmap.conf, but
> > during my testing, after modifying this file and restarting the
> > server, the mapping did not work. And I needed to edit the conf
> > file in the slapd-instancename to be able to authenticate via a
> > client-certificate.
>
> Right. Please file a doc bug.
Done :)
>
> >
> > It seems that /etc/dirsrv/config/certmap.conf is not used at all ( I
> > removed the file, restarted the server and authentication was
> > working).
> It is used as the template for creating new instances.
> >
Ok. Thanks for the explanation.
> >
> >
> > --
> > 389 users mailing list
> > 389-users at lists.fedoraproject.org
> > https://admin.fedoraproject.org/mailman/listinfo/389-users
>
--
"I've just come to this group and I don't know what it's all about.
I just feel it must be something really serious. Is it really ?"
- H. J. Thomas on linux-activists
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20130207/b7f55e6b/attachment.sig>
More information about the 389-users
mailing list