Hi Jose, would you please outline how exactly one could use this patch? What kind of LDAP lookup works best with X509_NAME_oneline()-style names? Should the LDAP tree be somewhat special?
thank you and sorry for off-topic, Vadim On Wed, Oct 02, 2002 at 08:50:36AM +0200, Jose Correia (J) wrote: > Hi Sarah > > Take a look at http://authzldap.othello.ch/index.html > > I've used it successfully. > > Cheers > Jose > > > -----Original Message----- > From: Sarath Chandra M [mailto:[EMAIL PROTECTED]] > Sent: 29 September 2002 11:17 > To: [EMAIL PROTECTED] > Subject: Apache 2.0.39 + ssl + ldap with client certificate > authentication > > > > Dear group, > Has anybody tried doing ldap client certificate authentication for an > apache > 2.0.39 ssl server ? > > Our environment is : > RedHat linux 7.1 kernel 2.4.x > apache 2.0.39 (inc. mod_ssl) > openssl-engine-0.9.6g > openldap (on a different redhat linux server) > > The apache website has a verisign server certificate, a self-signed CA > certificate and all clients have > certificates in the ldap server signed by this CA. > > When clients present their certificate to browse the Apache secure > site, > Apache should check the > existence of their certificate in the LDAP server and also the > validity of > the contents of the certificate presented. > > Kindly provide some direction to any solution or resources related to > this > issue. > > Any help would be highly appreciated. > > TIA > Sarath > > > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]