Hi,
OpenLDAP and OpenCA managed to work together. PostgreSQL is used as
back-sql.
Here's the configuration:
[slapd.conf]
backend sql
database sql
suffix "o=Experimental CA,c=PH"
rootdn "cn=Manager,o=Experimental CA,c=PH"
rootpw {SSHA}MOz0k6Q/hgR/B4NPAnDRNW0dt9Mz9dmm
dbname ldapuser
dbuser ldapuser
dbpasswd ldapuser
subtree_cond "ldap_entries.dn LIKE CONCAT('%',?)"
insentry_query "INSERT INTO ldap_entries (dn,oc_map_id,parent,keyval) VALUES (?,?,?,?)"
has_ldapinfo_dn_ru no
[ldap.xml]
<openca>
<ldap>
<debug>0</debug>
<excluded_roles>
<role>publish_all_roles</role>
</excluded_roles>
<suffix>
<dn>o=Experimental CA, c=PH</dn>
</suffix>
<host>ldap://localhost</host>
<port>389</port>
<login>cn=Manager,o=Experimental CA,c=PH</login>
<passwd>ldapuser</passwd>
:
:
</ldap>
</openca>
Problems
1. When I try to add certificates to LDAP (LDAP->Certificates->Valid->Add to
LDAP) it says error 68: LDAP-add failed: Already exists
2. When I look at the debug output (slapd -d 9), it doesn't include the serial
number and OU. It only includes O=Experimental CA,C=PH during the insert in
the database.
*I did not include the OU in the rootdn* because it doesn't have a fixed
value (OU differs for every person's role, such as RA Operator and User, which
correspond to different organizational units).
Thanks, and hoping for your kind reply.
_______________________________________________
Openca-Users mailing list
Openca-Users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openca-users