Hi Jose,

would you please outline how exactly one could use this patch?
What kind of LDAP lookup works best with X509_NAME_oneline()-style names?
Should the LDAP tree be somewhat special?

thank you and sorry for off-topic,
Vadim

On Wed, Oct 02, 2002 at 08:50:36AM +0200, Jose Correia (J) wrote:
> Hi Sarah
>  
> Take a look at http://authzldap.othello.ch/index.html
>  
> I've used it successfully.
>  
> Cheers
> Jose
>  
> 
> -----Original Message-----
> From: Sarath Chandra M [mailto:[EMAIL PROTECTED]]
> Sent: 29 September 2002 11:17
> To: [EMAIL PROTECTED]
> Subject: Apache 2.0.39 + ssl + ldap with client certificate
> authentication
> 
> 
>  
> Dear group,
> Has anybody tried doing ldap client certificate authentication for an
> apache
> 2.0.39 ssl server ?
> 
> Our environment is :
> RedHat linux 7.1 kernel 2.4.x
> apache 2.0.39 (inc. mod_ssl)
> openssl-engine-0.9.6g
> openldap (on a different redhat linux server)
> 
> The apache website has a verisign server certificate, a self-signed CA
> certificate and all clients have
> certificates in the ldap server signed by this CA.
> 
> When clients present their certificate to browse the Apache secure
> site,
> Apache should check the
> existence of their certificate in the LDAP server and also the
> validity of
> the contents of the certificate presented.
> 
> Kindly provide some direction to any solution or resources related to
> this
> issue.
> 
> Any help would be highly appreciated.
> 
> TIA
> Sarath
> 
> 
> 

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to