Is there anyone have a public LDAP directory so I can see what things will be after certificates are published? All other LDAP examples, such as publishing CRL by LDAP is great too. Of course having config files included will help me tremendously.
Thanks in advanced,
Nam
Martin Bartosch wrote:
Hi, IIRC, the base dn can be configured in etc/ldap.xml.template and defaults to o=<your organization, c=<your country>. For my setup, e. g., I modified it to use only c= as base dn:
<openca> <ldap> ... <suffix> <!-- <dn>[EMAIL PROTECTED]@, [EMAIL PROTECTED]@</dn> --> <dn>[EMAIL PROTECTED]@</dn> </suffix>
As long as you do not publish EE certificates to LDAP (only CA certs and CRLs), the nodes can coexist on the same level in the LDAP hierarchy. If you choose to publish certs, you will have to make sure that your CAs span distinct name space. Otherwise updates might overwrite each other.
Martin
------------------------------------------------------- This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting Tool for open source databases. Create drag-&-drop reports. Save time by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc. Download a FREE copy at http://www.intelliview.com/go/osdn_nl _______________________________________________ Openca-Users mailing list Openca-Users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openca-users
