- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: SSL with Netscape Directory Server
Operating System - HP-UX
1753809
Members
7668
Online
108805
Solutions
Forums
Categories
Company
Local Language
юдл
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
юдл
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-26-2005 10:01 PM
тАО05-26-2005 10:01 PM
SSL with Netscape Directory Server
I'm looking at implementing Netscape Directory Server for authenticating my HPUX servers against an LDAP database. I don't want cleartext passwords over the network so will need to implement SSL encryption.
Reading all the documentation it implies I need to either enlist the services of a 3rd-party Certificate Authority (verisign etc) or setup a Certificate Authority server in-house.
Whilst I appreciate the requirements for this sort of thing, setting up our own CA for one certificate seems overkill. I'm not really bothered about securing against fake-certificates and that sort of thing, I simply want encrypted traffic.
I note in the docs that if I want to have a replica database (which I do) then I can't use self-signed certificates because it will not work. Is this also the case for the client<->ldap_server comms? Are there any other ways?
Basically I need to know the easiest way of encrypting LDAP traffic on our LAN without requiring a CA. Or if not possible the easiest way to setup the minimum required to get this scenario working.
Reading all the documentation it implies I need to either enlist the services of a 3rd-party Certificate Authority (verisign etc) or setup a Certificate Authority server in-house.
Whilst I appreciate the requirements for this sort of thing, setting up our own CA for one certificate seems overkill. I'm not really bothered about securing against fake-certificates and that sort of thing, I simply want encrypted traffic.
I note in the docs that if I want to have a replica database (which I do) then I can't use self-signed certificates because it will not work. Is this also the case for the client<->ldap_server comms? Are there any other ways?
Basically I need to know the easiest way of encrypting LDAP traffic on our LAN without requiring a CA. Or if not possible the easiest way to setup the minimum required to get this scenario working.
3 REPLIES 3
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-20-2006 11:08 AM
тАО03-20-2006 11:08 AM
Re: SSL with Netscape Directory Server
Hi Simon,
How did you go with this? No replies I see. I am considering using the same approach as you for our site, perhaps we could share our experiences with each other. It would be a shame if it was so hard to simply encrypt traffic over the network. Surely you could setup a certificate and it would just work? Perhaps not.
Keep me posted as to how you go with this.
Thanks.
- Andrew
How did you go with this? No replies I see. I am considering using the same approach as you for our site, perhaps we could share our experiences with each other. It would be a shame if it was so hard to simply encrypt traffic over the network. Surely you could setup a certificate and it would just work? Perhaps not.
Keep me posted as to how you go with this.
Thanks.
- Andrew
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-20-2006 11:09 AM
тАО03-20-2006 11:09 AM
Re: SSL with Netscape Directory Server
Also, which version of Netscape Directory Server are you using?
Thanks.
- Andrew
Thanks.
- Andrew
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО04-03-2006 12:23 PM
тАО04-03-2006 12:23 PM
Re: SSL with Netscape Directory Server
To answer your question, we can generate your own certificate using some command line tools provided as part of RedHat directory server (or netscape directory server).
See page 433 of this RedHat Directory Server Administration guide document, titled "using certutil":
http://docs.hp.com/en/7118/ds71admin.pdf
certutil is the command line tool you want to use to do what you have said above.
- Andy
See page 433 of this RedHat Directory Server Administration guide document, titled "using certutil":
http://docs.hp.com/en/7118/ds71admin.pdf
certutil is the command line tool you want to use to do what you have said above.
- Andy
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP