Re: [Evolution] ldaps?

From: Chris Toshok <toshok ximian com>
To: Tony Earnshaw <tonni billy demon nl>
Cc: "Thomas J. Baker" <tjb unh edu>, Evolution Mailing List <evolution ximian com>
Subject: Re: [Evolution] ldaps?
Date: 10 Jan 2003 14:35:01 -0800

I have a self signed cert as well, and when I use mozilla I get the
"Website Certified by Unknown Authority" window..  Things work from
evolution though, without any warnings/errors..  I'd really like to add
that mozilla dialog's functionality into the evolution addressbook but
I'm not sure it's even possible when using openldap.

Another option, of course, is porting evolution to use netscape's ldap
sdk, and therefore nss..  then the mailer and addressbook would be using
the same ssl library instead of the mess we have now :)

Chris

On Fri, 2003-01-10 at 13:49, Tony Earnshaw wrote:

fre, 2003-01-10 kl. 22:05 skrev Thomas J. Baker:

I'm using 2.0.25 from Red Hat 8.0 and the debug level was 5. I'm using a
self signed certificate.


Might work (I don't know 2.0.x at all, started with 2.1.2), but with
later Openldap versions you'd do better to make or buy a CA certificate
(Openssl, if you have Apache/mod_ssl or FreeS/WAN IPSEC, there's very
good documentation on how to make a CA cert and CRL cert) and sign with
that. Put it somewhere where all clients have read access and make sure
it agrees wih the host's FQDN ('hostname -f', in /etc/hosts, not 'uname
-n').

Best,

Tony

Follow-Ups:
- Re: [Evolution] ldaps?
  - From: Soeren Sonnenburg

References:
- Re: [Evolution] ldaps?
  - From: Chris Toshok
- Re: [Evolution] ldaps?
  - From: Tony Earnshaw
- Re: [Evolution] ldaps?
  - From: Thomas J. Baker
- Re: [Evolution] ldaps?
  - From: Tony Earnshaw

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]