apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Eric Covener" <cove...@gmail.com>
Subject [PATCH] Fwd: [users@httpd] Apache httpd 2.2.8 not reading LDAPTrustedGlobalCert files
Date Thu, 01 May 2008 20:56:17 GMT
If I understand the versioning correctly, this additional cert-type
macro couldn't be added to 1.3.x after a 1.3.0 release. Would be nice
to have the glue in place so we can get HTTPD plugged into openldap
better.

http://people.apache.org/~covener/apr-trunk-ldap_tls_option_certdir.diff

---------- Forwarded message ----------
From: Eric Covener <covener@gmail.com>
Date: Thu, May 1, 2008 at 4:43 PM
Subject: Re: [users@httpd] Apache httpd 2.2.8 not reading
LDAPTrustedGlobalCert files
To: users@httpd.apache.org


On Thu, May 1, 2008 at 2:06 PM, Irwin Tillman <irwin@princeton.edu> wrote:

 >  Whatever's the cause, I've worked around it for now by specifying
just a single
 >  LDAPTrustedGlobalCert statement; currently all my LDAP servers
have certificates
 >  signed by the same CA.

 It doesn't look like openldap has any provision for "collecting" a
 list of one-shot certificate authorities, so each subsequent
 LDAPTrustedGlobalCert sets "the" certificate authority.

 Openldap provides an option to pass the path to a directory full of
 certificate authorities, but it doesn't look like apache has any way
 to set that.

 --


Eric Covener
 covener@gmail.com



-- 
Eric Covener
covener@gmail.com

Mime
View raw message