Thanks Chris,
I used the Makefile that comes with Apache for generating certificates
and it cranked out a .pem file that does the trick.
Paul
>>> Chris Ridd <chr...@me...> 06/11/02 01:14AM >>>
On 10/6/02 8:39 pm, Paul Lieberman <li...@so...> wrote:
> I'm trying to convert some scripts that used PerLDAP to Net::LDAP.
My
> server (Netware) requires an SSL conection with a client supplied
> certificate. In PerLDAP it worked like this ...
>
> $conn = new Mozilla::LDAP::Conn( host => 'myserver', port =>
'636',
> cert => 'cert7.db');
>
> with Net::LDAPS I'm trying to do ...
>
> $conn = new Net::LDAPS( 'myserver', port => '636', clientcert =>
> 'cert7.db', clientkey => 'cert7.db');
>
> and it dosn't work. I get no error, $conn just comes back undefined.
I
> can't remember how I originally generated 'cert7.db' but I'm
guessing
> its not the right format for Net::LDPS. So how do I make this work?
You got it! Both the cert and the key need to be PEM files. Also,
currently
the key needs to be unencrypted...
I think Netscape Communicator 4 stores certs in cert7.db and keys in
keys3.db, so you may be able to use the Netscape/Mozilla browser GUI
to
export your keypair to an (eg) PKCS#12 file. You can then use the
openssl
command line tools (openssl pkcs12 -help) to convert the PKCS#12 file
into a
cert and a key.
Cheers,
Chris
_______________________________________________________________
Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas -
http://devcon.sprintpcs.com/adp/index.cfm?source=osdntextlink
|
