T\bTL\bLS\bS_\b_C\bCA\bAC\bCE\bER\bRT\bTF\bFI\bIL\bLE\bE _\bf_\bi_\bl_\be _\bn_\ba_\bm_\be
The path to a certificate authority bundle which contains the
certificates for all the Certificate Authorities the client knows
- to be valid, e.g. _\b/_\be_\bt_\bc_\b/_\bs_\bs_\bl_\b/_\bc_\ba_\b-_\bb_\bu_\bn_\bd_\bl_\be_\b._\bp_\be_\bm. This option is only
+ to be valid, e.g., _\b/_\be_\bt_\bc_\b/_\bs_\bs_\bl_\b/_\bc_\ba_\b-_\bb_\bu_\bn_\bd_\bl_\be_\b._\bp_\be_\bm. This option is only
supported by the OpenLDAP libraries. Netscape-derived LDAP
libraries use the same certificate database for CA and client
certificates (see T\bTL\bLS\bS_\b_C\bCE\bER\bRT\bT).
T\bTL\bLS\bS_\b_C\bCA\bAC\bCE\bER\bRT\bTD\bDI\bIR\bR _\bd_\bi_\br_\be_\bc_\bt_\bo_\br_\by
Similar to T\bTL\bLS\bS_\b_C\bCA\bAC\bCE\bER\bRT\bTF\bFI\bIL\bLE\bE but instead of a file, it is a directory
- containing individual Certificate Authority certificates, e.g.
+ containing individual Certificate Authority certificates, e.g.,
_\b/_\be_\bt_\bc_\b/_\bs_\bs_\bl_\b/_\bc_\be_\br_\bt_\bs. The directory specified by T\bTL\bLS\bS_\b_C\bCA\bAC\bCE\bER\bRT\bTD\bDI\bIR\bR is
checked after T\bTL\bLS\bS_\b_C\bCA\bAC\bCE\bER\bRT\bTF\bFI\bIL\bLE\bE. This option is only supported by the
OpenLDAP libraries.
If no T\bTL\bLS\bS_\b_K\bKE\bEY\bYP\bPW\bW is specified, a _\bs_\bt_\ba_\bs_\bh _\bf_\bi_\bl_\be will be used if it
exists. The _\bs_\bt_\ba_\bs_\bh _\bf_\bi_\bl_\be must have the same path as the file
specified by T\bTL\bLS\bS_\b_K\bKE\bEY\bY, but use a .sth file extension instead of
- .kdb, e.g. ldapkey.sth. The default ldapkey.kdb that ships with
+ .kdb, e.g., ldapkey.sth. The default ldapkey.kdb that ships with
Tivoli Directory Server is encrypted with the password
ssl_password. The _\bg_\bs_\bk_\b8_\bc_\ba_\bp_\bi_\bc_\bm_\bd utility can be used to manage the
key database and create a _\bs_\bt_\ba_\bs_\bh _\bf_\bi_\bl_\be. This option is only
#
# For SunONE or iPlanet LDAP, tls_cert and tls_key may specify either
# a directory, in which case the files in the directory must have the
- # default names (e.g. cert8.db and key4.db), or the path to the cert
+ # default names (e.g., cert8.db and key4.db), or the path to the cert
# and key files themselves. However, a bug in version 5.0 of the LDAP
# SDK will prevent specific file names from working. For this reason
# it is suggested that tls_cert and tls_key be set to a directory,
S\bSu\bud\bdo\bo s\bsc\bch\bhe\bem\bma\ba f\bfo\bor\br O\bOp\bpe\ben\bnL\bLD\bDA\bAP\bP
The following schema, in OpenLDAP format, is included with s\bsu\bud\bdo\bo source
and binary distributions as _\bs_\bc_\bh_\be_\bm_\ba_\b._\bO_\bp_\be_\bn_\bL_\bD_\bA_\bP. Simply copy it to the
- schema directory (e.g. _\b/_\be_\bt_\bc_\b/_\bo_\bp_\be_\bn_\bl_\bd_\ba_\bp_\b/_\bs_\bc_\bh_\be_\bm_\ba), add the proper include line
- in _\bs_\bl_\ba_\bp_\bd_\b._\bc_\bo_\bn_\bf and restart s\bsl\bla\bap\bpd\bd.
+ schema directory (e.g., _\b/_\be_\bt_\bc_\b/_\bo_\bp_\be_\bn_\bl_\bd_\ba_\bp_\b/_\bs_\bc_\bh_\be_\bm_\ba), add the proper include
+ line in _\bs_\bl_\ba_\bp_\bd_\b._\bc_\bo_\bn_\bf and restart s\bsl\bla\bap\bpd\bd.
attributetype ( 1.3.6.1.4.1.15953.9.1.1
NAME 'sudoUser'
.TP 6n
\fBTLS_CACERTFILE\fR \fIfile name\fR
The path to a certificate authority bundle which contains the certificates
-for all the Certificate Authorities the client knows to be valid, e.g.\&
+for all the Certificate Authorities the client knows to be valid, e.g.,
\fI/etc/ssl/ca-bundle.pem\fR.
This option is only supported by the OpenLDAP libraries.
Netscape-derived LDAP libraries use the same certificate
Similar to
\fBTLS_CACERTFILE\fR
but instead of a file, it is a directory containing individual
-Certificate Authority certificates, e.g.\&
+Certificate Authority certificates, e.g.,
\fI/etc/ssl/certs\fR.
The directory specified by
\fBTLS_CACERTDIR\fR
\fR.sth\fR
file extension instead of
\fR.kdb\fR,
-e.g.\&
+e.g.,
\fRldapkey.sth\fR.
The default
\fRldapkey.kdb\fR
#
# For SunONE or iPlanet LDAP, tls_cert and tls_key may specify either
# a directory, in which case the files in the directory must have the
-# default names (e.g. cert8.db and key4.db), or the path to the cert
+# default names (e.g., cert8.db and key4.db), or the path to the cert
# and key files themselves. However, a bug in version 5.0 of the LDAP
# SDK will prevent specific file names from working. For this reason
# it is suggested that tls_cert and tls_key be set to a directory,
source and binary distributions as
\fIschema.OpenLDAP\fR.
Simply copy
-it to the schema directory (e.g.\&
+it to the schema directory (e.g.,
\fI/etc/openldap/schema\fR),
add the proper
\fRinclude\fR
projects / sudo / commitdiff