[sudo-users] Sudo LDAP+TLS in 1.7.2

Todd C. Miller Todd.Miller at courtesan.com
Tue Sep 21 12:18:42 EDT 2010


In message <AANLkTimPZ7fsRE-Ob04mTy3+7H5JKa5ndF6pCseMMc2z at mail.gmail.com>
	so spake "Tony G." (tonysk8):

> Looks like this version (1.7.2) ignores my line:
> tls_cacertdir /etc/openldap/cacerts

Strange, it looks like it is being parsed OK.  I don't know why
openldap (or openssl) would not be using it unless there are multiple
CA files in the directory with conflicting data.

> I needed to add:
> *tls_cacertfile* /etc/openldap/cacerts/ca.pem

Whoops, I meant to change that to tls_cacertfile before I sent it.

 - todd


