LDAPTrustedCA Directive

Description: Sets the file containing the trusted Certificate Authority certificate or database
Syntax: LDAPTrustedCA directory-path/filename
Context: server config
Status: Experimental
Module: mod_ldap

It specifies the directory path and file name of the trusted CA mod_ldap <http://shib.ametsoc.org/manual/mod/mod_ldap.html> should use when establishing an SSL connection to an LDAP server. If using the Netscape/iPlanet Directory SDK, the file name should be cert7.db.

LDAPTrustedCAType Directive

Description: Specifies the type of the Certificate Authority file
Syntax: LDAPTrustedCAType type
Context: server config
Status: Experimental
Module: mod_ldap

The following types are supported:

  DER_FILE - file in binary DER format
  BASE64_FILE - file in Base64 format
  CERT7_DB_PATH - Netscape certificate database file

Note: Add here: vi /etc/http/conf.d/ca.conf

On Tue, Apr 14, 2015 at 7:49 PM, John Beaulaurier -X (jbeaulau - ADVANCED NETWORK INFORMATION INC at Cisco) <jbeau...@cisco.com> wrote:

> Hello,
>
> We’re running Server version: Apache/2.0.63 that needs to be configured
> for LDAPS. I have run into an issue with the certificate directives.
>
> I have a .pem file with the trusted ca-certs, but when I configure
> httpd.conf to use it with the directives “LDAPTrustedCA /local/.pem” and
> “LDAPTrustedCAType BASE64_FILE”
>
> The following error occurs.
>
> Syntax error on line 349 of /local/apache/conf/httpd.conf:
>
> LDAPTrustedCA not allowed here
>
> This is a directive for this Apache release, so I’m not sure why.
>
> Thanks
>
> -John
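
Added example, not part of the thread or of Apache's own code: the manual excerpt above gives both directives the context "server config", and httpd reports "not allowed here" when a directive appears in a context its documentation does not list. The Python check below flags LDAPTrustedCA and LDAPTrustedCAType inside containers such as <VirtualHost>; treating <IfModule>/<IfDefine> as context-neutral and ignoring line continuations and Include files are assumptions of this sketch, and the sample configuration is constructed.

```python
import re

# Directives the manual excerpt lists with "Context: server config" only.
SERVER_CONFIG_ONLY = {"ldaptrustedca", "ldaptrustedcatype"}
# Conditional wrappers do not change the enclosing configuration context.
TRANSPARENT = {"ifmodule", "ifdefine"}
OPEN = re.compile(r"<\s*([A-Za-z]\w*)")
CLOSE = re.compile(r"</\s*([A-Za-z]\w*)\s*>")

def find_misplaced(conf_text):
    """Return (line_no, directive, section) for each server-config-only
    directive nested inside a context-changing <Section> container."""
    stack, findings = [], []
    for line_no, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if CLOSE.match(line):
            if stack:
                stack.pop()
            continue
        opened = OPEN.match(line)
        if opened:
            stack.append(opened.group(1))
            continue
        name = line.split(None, 1)[0]
        if name.lower() in SERVER_CONFIG_ONLY:
            # Innermost container that actually changes the context, if any.
            scope = next((s for s in reversed(stack) if s.lower() not in TRANSPARENT), None)
            if scope:
                findings.append((line_no, name, scope))
    return findings

# Constructed sample (path, port and define name are placeholders).
SAMPLE_CONF = """\
<IfDefine LDAPS>
    LDAPTrustedCA /path/to/ca-certs.pem
    LDAPTrustedCAType BASE64_FILE
</IfDefine>
<VirtualHost *:443>
    <IfDefine LDAPS>
        LDAPTrustedCA /path/to/ca-certs.pem
    </IfDefine>
    <Location /private>
        LDAPTrustedCAType BASE64_FILE
    </Location>
</VirtualHost>
"""

print(find_misplaced(SAMPLE_CONF))
```

Each finding gives the line number, the directive as written, and the innermost container that changes the context; an empty list means both directives sit at server-config level.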