[horde] RE : Horde authentication with LDAP over SSL
Thibault LE MEUR
Thibault.LeMeur at supelec.fr
Tue May 23 05:43:01 PDT 2006
> captured the message exchange and it seems Horde doesn't want
> to setup the connection because it doesn't know the CA that
> signed the LDAP server certificate. So my question is, where
> can I configure the CA that Horde has to trust ? Currently,
See your /etc/openldap/ldap.conf file (caution not the /etc/ldap.conf one):
* Modify or add a line like this one:
TLS_CACERT /etc/ssl/cacerts/cacert.pem
* Where /etc/ssl/cacerts/cacert.pem is the PEM File containing your CA's
certificate
Alternatively you can use "TLS_CACERTDIR" if you have several CA's
Certificates (see man ldap.conf).
Also make sure everyone can read this certificate (chmod 444
/etc/ssl/cacerts/cacert.pem)
HTH,
Thibault
More information about the horde
mailing list