Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
Menu
Open sidebar
openldap
OpenLDAP
Commits
680091b5
Commit
680091b5
authored
Feb 11, 2017
by
Andreas Schulze
Committed by
Howard Chu
Apr 12, 2021
Browse files
ITS
#8586
load cert+chain from TLSCertificateFile
For OpenSSL
parent
c29f0315
Changes
2
Hide whitespace changes
Inline
Side-by-side
doc/man/man5/slapd.conf.5
View file @
680091b5
...
...
@@ -1148,7 +1148,7 @@ Specifies the file that contains certificates for all of the Certificate
Authorities that
.B slapd
will recognize. The certificate for
the CA that signed the server certificate must be included among
the CA that signed the server certificate must
(GnuTLS)/may(OpenSSL)
be included among
these certificates. If the signing CA was not a top-level (root) CA,
certificates for the entire sequence of CA's from the signing CA to
the top-level CA should be present. Multiple certificates are simply
...
...
@@ -1164,6 +1164,9 @@ locations will be used.
Specifies the file that contains the
.B slapd
server certificate.
When using OpenSSL that file may also contain any number or intermediate
certificates.
.TP
.B TLSCertificateKeyFile <filename>
Specifies the file that contains the
...
...
libraries/libldap/tls_o.c
View file @
680091b5
...
...
@@ -465,8 +465,7 @@ tlso_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server )
X509_free
(
cert
);
}
else
if
(
lo
->
ldo_tls_certfile
&&
!
SSL_CTX_use_certificate_file
(
ctx
,
lt
->
lt_certfile
,
SSL_FILETYPE_PEM
)
)
!
SSL_CTX_use_certificate_chain_file
(
ctx
,
lt
->
lt_certfile
)
)
{
Debug1
(
LDAP_DEBUG_ANY
,
"TLS: could not use certificate file `%s'.
\n
"
,
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment