From: Kevin <lum...@gn...> - 2005-01-18 13:15:21
|
On Mon, 2005-01-17 at 22:11 -0500, Kevin wrote: > Answer: > > /etc/openldap/ldap.conf > ~/.ldaprc > ~/ldaprc > CWD/ldaprc > > ldap.conf(5) > > Only problem I found was that TLS_CACERTDIR doesn't seem to work as > advertised. I found that TLS_CACERT did work, though. > > -Kevin > http://www.gnosys.us The reason that TLS_CACERTDIR didn't work for me at the time is that one must first run /usr/bin/c_rehash <directory> where <directory> is the path that TLS_CACERTDIR points to. Once that is done, lots of symlinks (see below) are set up in that directory and then TLS_CACERTDIR works just as well as TLS_CACERT in ldap.conf and related files with ldap clients. lrwxr-xr-x 1 root root 11 Jan 17 22:18 f3e90025.0 -> factory.pem lrwxr-xr-x 1 root root 11 Jan 17 22:18 f73e89fd.0 -> vsignss.pem I learned this from the openldap mailing list archive. -Kevin http://www.gnosys.us |