Hi. I'm trying to integrate LDAP support into a running CA. Without LDAP everything has worked for some weeks. Now I want to add LDAP (using slapd from Debian sarge). Is this easier to do, or would it be better to reinstall all OpenCA stuff with LDAP support?
I'm following the instructions of http://www.openca.org/openca/docs/files/openca-guide.pdf

First question: The doc talks about the file OPENCADIR/etc/servers/online.conf but I don't have this one. Might this be an error, or is it OK?

I have configured in ldap.conf (and copied it to ra-node.conf):

    LDAP "yes"
    ldapserver "localhost"
    ldapport "389"
    basedn "dc=abc,dc=xyz,dc=de"
    ldaproot "cn=admin, dc=ybc,dc=xyz,dc=de"
    ldappwd "mypassword"
    ldap_version "3"
    ldap_tls "no"
    ldap_sasl "no"
    updateLDAPautomatic "yes"
    LDAP_CRL_Issuer ""
    LDAP_CA_DN ""

When I now try to do a data exchange on ra-node (import from CA) I get this error:

    Cannot write CA-Certificate b138561c768c72828f62c2879c098639 to LDAP. (error 48: LDAP-bind failed: No password, did you mean noauth or anonymous ?)

What's wrong with the configuration? Do I have to configure something more anywhere? I found no more docs about LDAP. I want to use LDAP to store certs and CRL to use ocspd with LDAP.

Regards
B.Henne
