Return-Path: X-Original-To: apmail-directory-users-archive@www.apache.org Delivered-To: apmail-directory-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 2884910C39 for ; Wed, 14 Aug 2013 03:38:10 +0000 (UTC) Received: (qmail 55173 invoked by uid 500); 14 Aug 2013 03:38:08 -0000 Delivered-To: apmail-directory-users-archive@directory.apache.org Received: (qmail 54897 invoked by uid 500); 14 Aug 2013 03:38:03 -0000 Mailing-List: contact users-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@directory.apache.org Delivered-To: mailing list users@directory.apache.org Received: (qmail 54888 invoked by uid 99); 14 Aug 2013 03:38:00 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 14 Aug 2013 03:38:00 +0000 X-ASF-Spam-Status: No, hits=1.5 required=5.0 tests=HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of ayyagarikiran@gmail.com designates 209.85.212.172 as permitted sender) Received: from [209.85.212.172] (HELO mail-wi0-f172.google.com) (209.85.212.172) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 14 Aug 2013 03:37:54 +0000 Received: by mail-wi0-f172.google.com with SMTP id hj13so1429526wib.5 for ; Tue, 13 Aug 2013 20:37:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:content-type; bh=3IsKvy2P2Hx94Nq0oECSCR09XOl4LXtczrg4bWrk124=; b=mBopUoIm+ilumkgldL2H/egUTLwwPTdGwS6xzOoPslQigt3xTjWTSTMij9ZPNL9Dh4 OLGmbnsHjucGS1A/tGhvrOvLvSCIAkDkR9tA3HZqNhiBaaVq1ZIVhuVfBJnkfFHjSZAo Pwll9O9Pg1HcwN1O7HYUSn2mvIWsES80u6w2KACuJotsi3cPlRaKoiE3wjk0yfN5FljY ijm5+jp+BSAT4IkIXCFSSDPXVLI/GTLOJd2ZwGbZYJqlAOfbtmVqDFvT4WBlQVzUXBSB KJenp9McuEFp3ofSdU6Wt4ElZuSelwn4/YibsZBDfiwITbWxdL4jy9Y3s7rGgsHXRpv4 v5Ng== MIME-Version: 1.0 X-Received: by 10.180.104.73 with SMTP id gc9mr4766526wib.13.1376451453825; Tue, 13 Aug 2013 20:37:33 -0700 (PDT) Sender: ayyagarikiran@gmail.com Received: by 10.217.138.78 with HTTP; Tue, 13 Aug 2013 20:37:33 -0700 (PDT) In-Reply-To: <98A0061D0243EA4B980DE1BEADCE398A2D541769D9@FHDP1LUMXC7V22.us.one.verizon.com> References: <98A0061D0243EA4B980DE1BEADCE398A2D541769D9@FHDP1LUMXC7V22.us.one.verizon.com> Date: Wed, 14 Aug 2013 09:07:33 +0530 X-Google-Sender-Auth: 9zYjWrPxlrER-dbFLMT1iztYaE4 Message-ID: Subject: Re: Certificate search and validation From: Kiran Ayyagari To: users@directory.apache.org Content-Type: multipart/alternative; boundary=f46d044282bcf4b7c604e3e0132e X-Virus-Checked: Checked by ClamAV on apache.org --f46d044282bcf4b7c604e3e0132e Content-Type: text/plain; charset=ISO-8859-1 On Wed, Aug 14, 2013 at 1:38 AM, Levit, Shai wrote: > Since LDAP can store a variety of files, can it also store Certificates > and Key Pairs for S/MIME validation and verification ? And if so, how is > this accomplished ? > the certificates using the 'userCertificate' attribute (present in inetOrgPerson and pkiUser objectclasses present in 'core' schema) and public/private keys with the attributes present in 'tlsKeyInfo' objectclass of 'apache' schema (you can even create your own objectclass and include these attributes as well) > Are the certificates stored as attributes ? Files (PEM / p.12) ? Or is > there a search parameter that then further points to a certificate store > for encryption / decryption process ? > > they are stored as attributes, just use the above said attribute names while searching to get the values > Thanks > > Shai Levit, M.S.c > Software Engineer | Verizon SUMS > Mobile: (616) 610-7403 > Email: shai.levit@one.verizon.com > > -- Kiran Ayyagari http://keydap.com --f46d044282bcf4b7c604e3e0132e--