[Mageia-sysadm] ldap server certificate (was: Re: [Mageia-discuss] Fosdem report)

Romain d'Alverny rdalverny at gmail.com
Tue Feb 14 17:54:02 CET 2012


On Tue, Feb 14, 2012 at 17:35, Michael Scherer <misc at zarb.org> wrote:
>> It looks like we are still using a self-signed certificate on the ldap
>> server. So it's required to have "TLS_REQCERT allow" in /etc/openldap/ldap.conf
>> to be able to connect to the ldap server.
>>
>> Should we also use the *.mageia.org certificate on the ldap server ?

Wouldn't that make sense?

>> Or have our own CA with keys distributed by rpm packages in the
>> distribution ?
>
> I would say "our own CA, but that's such a PITA :/

Why?


More information about the Mageia-sysadm mailing list