免费注册 查看新帖 |

Chinaunix

  平台 论坛 博客 文库
最近访问板块 发新帖
查看: 2427 | 回复: 2
打印 上一主题 下一主题

[ldap] 谁能帮帮我,Sunone的LDAP的SSL问题。 [复制链接]

论坛徽章:
0
跳转到指定楼层
1 [收藏(0)] [报告]
发表于 2006-11-16 16:09 |只看该作者 |倒序浏览
我想启用SunOne的SSL功能,但没弄过,主要是不知证书的要求,哪位大侠弄过,帮一下啊。

论坛徽章:
0
2 [报告]
发表于 2006-11-17 10:38 |只看该作者
转个东西给你,关于证书的生成

use openssl to create certificate.



Here are the steps with OpenSSL to create a self-signed certificate. Save the CSR that the webserver sent you; here it's called file.csr.

> openssl genrsa -des3 -out ca.key 4096
(creates a 4096 bit RSA key called ca.key)

> openssl req -new -x509 -days 3650 -key ca.key -out ca.crt
(once you've filled in the requested details, creates a certificate called ca.crt using the ca.key file you created in the previous step).

> openssl x509 -req -days 3650 -in file.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt
(takes the CSR file the CA cert and creates a certificate file for your web server called server.crt)

Now you can install the server.crt file at the admin server by clicking on the 'Install Certificate' link in the Security tab - just paste the file's contents into the message text field.

Note that the '-days 3650' part of the OpenSSL commands above makes your cert valid for about 10 years!

export LD_LIBRARY_PATH=/export/home/

certutil -N -d dirroot/alias -P slapd-prefix-

论坛徽章:
0
3 [报告]
发表于 2006-11-17 17:46 |只看该作者
多谢,研究一下。
您需要登录后才可以回帖 登录 | 注册

本版积分规则 发表回复

  

北京盛拓优讯信息技术有限公司. 版权所有 京ICP备16024965号-6 北京市公安局海淀分局网监中心备案编号:11010802020122 niuxiaotong@pcpop.com 17352615567
未成年举报专区
中国互联网协会会员  联系我们:huangweiwei@itpub.net
感谢所有关心和支持过ChinaUnix的朋友们 转载本站内容请注明原作者名及出处

清除 Cookies - ChinaUnix - Archiver - WAP - TOP