Re: Retrieving userCertificate

Rich Megginson Wed, 09 Mar 2005 13:56:46 -0800

Senandung Mendonan wrote:

Rich Megginson wrote:

I have an LDAP directory where users store their X.509 certificates

in

userCertificate;binary attribute in their entries. When MS Outlook

and

Outlook Express look up addresses, they are able to retrieve that
attribute and send encrypted mails accordingly. However,


Mozilla-based

clients could not extract that info from the directory. Any hints?
I'm not sure. What directory server are you using? Can you take a


look

at the access log to see what the Mozilla based clients are looking


for?

You might have to post a question to the Thunderbird list.

Rich, thanks for your response. :)

I'm using OpenLDAP 2.2.23. Client tested on Thunderbird as well as
Mozilla Mail. From LDAP query logs, userCertificate;binary was
searched:-

Mar  9 23:26:30 ldap slapd[535]: conn=53 fd=19 ACCEPT from
IP=10.1.1.254:64271 (IP=0.0.0.0:389)
Mar  9 23:26:30 ldap slapd[535]: conn=53 op=0 BIND dn="" method=128
Mar  9 23:26:30 ldap slapd[535]: conn=53 op=0 RESULT tag=97 err=0 text=
Mar  9 23:26:30 ldap slapd[535]: conn=53 op=1 SRCH
base="dc=domain,dc=com" scope=2 deref=0
filter="([EMAIL PROTECTED])"
Mar  9 23:26:30 ldap slapd[535]: conn=53 op=1 SRCH
attr=usercertificate;binary
Mar  9 23:26:30 ldap slapd[535]: conn=53 op=1 ENTRY
dn="uid=testuser,ou=People,dc=domain,dc=com"
Mar  9 23:26:30 ldap slapd[535]: conn=53 op=1 SEARCH RESULT tag=101
err=0 nentries=1 text=

but when encrypting mail to [EMAIL PROTECTED], I get "application
failed to find an encryption certificate for [EMAIL PROTECTED]".
Maybe Mozilla just doesn't like my cert?

That could be it, especially since you also cannot sign. I have the same problem in reverse with my Thawte Freemail cert - it works in Mozilla apps but not in Outlook.


I actually have another more major problem: I can't even sign mails (in
case the problem is related):-

http://groups-beta.google.com/group/netscape.public.mozilla.mail-news/msg/8e1666f78fe9f939

Thanks.
--mendonan

_______________________________________________
mozilla-directory mailing list
mozilla-directory@mozilla.org
http://mail.mozilla.org/listinfo/mozilla-directory

Re: Retrieving userCertificate

Reply via email to