Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Last revision Both sides next revision
project:pki [2017/09/04 19:10]
licho 		project:pki [2017/09/05 08:48]
licho [Linky]
Line 60: Line 60:
 Přepokládejme dva servery: Přepokládejme dva servery:
   * ca.labka.cz (192.168.1.11),​ na kterém provozujem Certifikační Autoritu [[https://​www.openssl.org/​|OpenSSL]],​   * ca.labka.cz (192.168.1.11),​ na kterém provozujem Certifikační Autoritu [[https://​www.openssl.org/​|OpenSSL]],​
-  * a ldap.labka.cz (192.168.1.12),​ na kterém provozujem LDAP Server [[http://​directory.fedoraproject.org/​|389 Directory Server]].+  * a ldap.labka.cz (192.168.1.12),​ na kterém provozujem LDAP Server [[http://​directory.fedoraproject.org/​|389 Directory Server]] nebo [[http://​www.openldap.org/​|OpenLDAP]].
  
 <code sh create-certs-CA.sh>​ <code sh create-certs-CA.sh>​
Line 68: Line 68:
  
 # 2> Vytvoř kořenovou CA: # 2> Vytvoř kořenovou CA:
-$ openssl req-x509 -newkey rsa:4096 -keyout myCA.key -out myCA.pem -days 3650 \+$ openssl req -x509 -newkey rsa:4096 -keyout myCA.key -out myCA.pem -days 3650 \
  -subj "/​C=CZ/​L=Ostrava/​O=Labka/​OU=Infra/​CN=ca.labka.cz/​emailAddress=admin@admin"​ \  -subj "/​C=CZ/​L=Ostrava/​O=Labka/​OU=Infra/​CN=ca.labka.cz/​emailAddress=admin@admin"​ \
  ​-passout file:passwd  ​-passout file:passwd
Line 126: Line 126:
 $ adtool list '​ou=People,​dc=labka,​dc=cz'​ $ adtool list '​ou=People,​dc=labka,​dc=cz'​
 </​code>​ </​code>​
 +==== Linky ====
 +[[http://​henning.kropponline.de/​2014/​09/​14/​openldap-setup-w-ca-signed-certificate-centos/​|]]
 +
 +[[https://​www.openssl.org/​docs/​man1.0.2/​apps/​x509v3_config.html|]]
 +
 +[[http://​jordaneunson.com/​2009/​10/​openvpn-access-server-openldap-memberof/​|]]
 +
 +[[https://​ripe71.ripe.net/​presentations/​32-Automated-Certificate-Management.pdf|]]
  • project/pki.txt
  • Last modified: 2017/09/05 08:56
  • by licho