Re: enable LDAP-SSL without a root-CA

From: Joe Richards [MVP] (humorexpress@hotmail.com)
Date: 08/10/02

• Next message: Jim: "logon"
• Previous message: Joe Richards [MVP]: "Re: Win2KSP3 - problems, wait to install ?"
• In reply to: Igor Ybema: "enable LDAP-SSL without a root-CA"
• Next in thread: David Cross [MS]: "Re: enable LDAP-SSL without a root-CA"
• Reply: David Cross [MS]: "Re: enable LDAP-SSL without a root-CA"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Joe Richards [MVP]" <humorexpress@hotmail.com>
Date: Sat, 10 Aug 2002 10:35:15 -0400

Some folks in our security group started talking to verisign about this and
I believe they found a way but it was very costly because verisign had to do
some very strange things to make this work.

--
Joe Richards
www.joeware.net
---
"Igor Ybema" <i.ybema@civ.utwente.nl> wrote in message
news:airfdt$19e$1@netlx020.civ.utwente.nl...
> Is it possible to enable SSL over LDAP in windows 2000 without installing
a
> enterprise root-CA?
>
> According to MS-article Q247078 you need to install an Enterprise CA and
> allow all domain controllers to receive a certificate automatically. In
our
> test-environment this works. After that we can use LDAPS in this
> test-enviroment to update passwords, make accounts etc. Now we need to use
> LDAPS in our production environment but we still have to decide how our
> CA-hierachy will look like. So we cant install a enterprise-CA yet and we
> can not wait for this. Is it somehow possible to use temporary self signed
> certificates to enable SSL over LDAP on one server?
>
> regards,
>
> Igor Ybema, University of Twente, Enschede, the Netherlands
>
>
>
>
>

• Next message: Jim: "logon"
• Previous message: Joe Richards [MVP]: "Re: Win2KSP3 - problems, wait to install ?"
• In reply to: Igor Ybema: "enable LDAP-SSL without a root-CA"
• Next in thread: David Cross [MS]: "Re: enable LDAP-SSL without a root-CA"
• Reply: David Cross [MS]: "Re: enable LDAP-SSL without a root-CA"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages enable LDAP-SSL without a root-CA ... enterprise root-CA? ... So we cant install a enterprise-CA yet and we ... certificates to enable SSL over LDAP on one server? ... (microsoft.public.win2000.security) Mandrake Linux + Courier-IMAP + Postfix + LDAP + IMP + SpamAssassin Mini-HOWTO ... Courier-IMAP, Postfix, Open LDAP, IMP and SpamAssassin on Mandrake ... Postfix was installed as a part of the Linux setup. ... I ran into trouble when I tried to install JAMM into a separate ... (comp.os.linux.misc) Re: Solaris 9 naming services ... >> Solaris package to install though), ... > EOF of NIS+ has been announced and it could be removed from Solaris 10. ... Naming Services to LDAP? ... (comp.unix.solaris) Re: Solaris 9 naming services ... >> Solaris package to install though), ... > EOF of NIS+ has been announced and it could be removed from Solaris 10. ... Naming Services to LDAP? ... (comp.sys.sun.admin) Re: [opensuse] Getting Rid of postfix and exim on my laptop ... But openSUSE is not a big enterprise distro, ... having cron mail me. ... These is also the issue of the context of the installation. ... Have a look at the ldap software you are _required_ to have loaded. ... (SuSE)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint