(RADIATOR) SSLCAClientKey
Ryan Moore
ryan at hampshire.edu
Mon Apr 11 07:39:27 CDT 2005
Thanks to a lot of imformative posts on this list, I'm close to a
LEAP/Cisco WAP/OpenLDAP setup. One last thing (I hope)...I'm having some
problems with the Radiator doc. Specifically the LDAP AuthBy SSL section.
-------> # Name of the client certificate file:
-------> SSLCAClientCert /path/to/client/certificate.pem
Okay, so this isn't really the "client cert" right? This is the server
cert copied locally to the Radiator server and is the cert for the LDAP
server's public key. I think.
-------> # Name of the file containing the client private key
-------> SSLCAClientKey /path/to/client/keyfile.pem
Uh.....what's this for? Shouldn't Radiator just need the LDAP CA
certificate and the server cert? Surely this can't refer to the LDAP
server's private key. I can to LDAPsearch now using TLS just fine, and
all it needs is the CA cert.
-------> # only need to set one of the following
-------> #SSLCAPath /path/to/CA/cert/dir
-------> SSLCAFile /path/to/file/containing/certificate/of/CA.pem
Why are there two different parameters here? Can the SSLCAPath refer to
a http folder on the CA server? This isn't really important to me, I've
already copied the CA cert locally and can point to it.
I feel like there is something really obvious I'm missing here. so I'll
welcome any flaming.
- Ryan
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list