cert2ldap man page on Scientific

Man page or keyword search:  
man Server   26626 pages
apropos Keyword Search (all sections)
Output format
Scientific logo
[printable version]


       cert2ldap - import a certificate into an LDAP server

       cert2ldap [ options ] [ certificatefile ]

	      connect to server hostname.

       -pport use port port instead of the usual LDAP port 389.

       -i     store  the  issuer  distinguished name of the certificate in the

       -s     store the subject distinguished name of the certificate  in  the

       -c     store the certificate in binary form in the directory.

       -n     store the serial number of the certificate in the directory.

       -d     increase debug level.

	      add all the attributes specified to the entry with distinguished
	      name targetdn.

	      bind as user binddn to the directory.

	      use password to bind to the directory.

	      create a certificate mapping entry that specifies owner  as  the
	      owner of the certificate.

	      use LDAP protocol version version to connect to the server.

       -B     use "userCertifiate;binary" format for update, some servers seem
	      to require this, others are happy without.

       Cert2ldap is used to import a certificate into  an  LDAP	 directory  in
       such a as to allow the mod_authz_ldap Apache module to authenticate and
       authorize users based on their certificates.  The certificate is either
       specified as a certificatefilename argument on the command line or read
       from standard input.  There are essentially two ways to	use  the  pro‐
       gram:  either a certificate is added as a userCertifcate attribute to a
       users node, or a certificate mapping node is added  somewhere  else  in
       the directory, referencing the user.

       The  second  form is active as soon as one if the options -i, -s, -o or
       -n are used. The first form uses only the -c option. The	 correct  con‐
       figuration of the entires can be checked using the certfind(1) program.

       If  the	node  to be updated does not exist yet, a minimal node is cre‐
       ated.  However this is only marginally useful in the  case  of  a  node
       containing the certificate proper.


       Andreas F. Mueller <andreas.mueller@othello.ch>

MOD_AUTHZ_LDAP			   21/04/01			  CERT2LDAP(L)

List of man pages available for Scientific

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
Vote for polarhome
Free Shell Accounts :: the biggest list on the net