[sudo-users] Sudo LDAP+TLS in 1.7.2
Todd C. Miller
Todd.Miller at courtesan.com
Tue Sep 21 12:18:42 EDT 2010
In message <AANLkTimPZ7fsRE-Ob04mTy3+7H5JKa5ndF6pCseMMc2z at mail.gmail.com>
so spake "Tony G." (tonysk8):
> Looks like this version (1.7.2) ignores my line:
> tls_cacertdir /etc/openldap/cacerts
Strange, it looks like it is being parsed OK. I don't know why
openldap (or openssl) would not be using it unless there are multiple
CA files in the directory with conflicting data.
> I needed to add:
> *tls_cacertfile* /etc/openldap/cacerts/ca.pem
Whoops, I meant to change that to tls_cacertfile before I sent it.