Subject: | |
From: | |
Reply To: | Marc W. Mengel |
Date: | Thu, 6 Jul 2006 15:08:02 -0500 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Chris Hunter wrote:
> Hi,
>
> Does anyone know if the nss_ldap rpm package in SL4x (nss_ldap-226-10)
> is compiled with ssl support ?
Well, If I:
rpm -ql nss_ldap
I get a long list of files including:
/lib/security/pam_ldap.so
If I then do a:
ldd /lib/security/pam_ldap.so
I get a list of referenced libraries, including:
libcrypto.so.4 => /lib/libcrypto.so.4 (0x0023a000)
If I
ls -l /lib/libcrypto.so.4
I find it's really as symlink
/lib/libcrypto.so.4 -> libcrypto.so.0.9.7a
And if I
rpm -qf /lib/libcrypto.so.0.9.7a
I find that's from openssl-0.9.7a-43.4.
So yes, nss_ldap *was* built with ssl support.
> Anybody using ldap + ssl on scilinux ?
I talked with a guy at SLAC who was using it on Red Hat Enterprise,
which is remarkably similar to Scientific Linux... I believe it was
working for him.
I note also that the "rpm -ql nss_ldap" above also has:
/usr/share/doc/nss_ldap-226/README.TLS
(where TLS is the newer name for SSL...) which mentions that
hostnames in the ldap.conf file need to match up letter for letter
with (I assome the CN=... part of) certificates on servers.
Marc
|
|
|