On Nov 8, 2005, at 10:48 AM, John Anthony Grigutis wrote:
Has anyone had any success in adding a CA to Open Directory (in
cn=certificateauthorities)? There is an option in Keychain Access
to "Search Directory Services For Certificates" but nothing shows
up in that keychain after adding the object to the directory. From
what I've been able to find, the object should look like:
First you'll note that the standard OD mappings map
CertificateAuthorities to an OU, which doesn't exist in OD by default
so you have to re-do the mappings if you have a standard OD setup.
After fixing that you should see the certs using dscl.
That's as far as I've ever been able to get, however. Keychain Access
never saw the certs. Although I've been told that even if they do
show up in keychain access, they aren't really "trusted." As in you
have to drag them from the LDAP entry into your local X509Anchors
before they will be treated as a valid certificate.
Joel
www.afp548.com
email@hidden _______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden
