CERT2LDAP(L)                                                      CERT2LDAP(L)

NAME

       cert2ldap - import a certificate into an LDAP server

SYNOPSIS

       cert2ldap [ options ] [ certificatefile ]

OPTIONS

       -hhostname
              connect to server hostname.

       -pport
              use port port instead of the usual LDAP port 389.

       -i     store the issuer distinguished name of the certificate in the
              directory.

       -s     store the subject distinguished name of the certificate in the
              directory.

       -c     store the certificate in binary form in the directory.

       -n     store the serial number of the certificate in the directory.

       -d     increase debug level.

       -Dtargetdn
              add all the attributes specified to the entry with distinguished
              name targetdn.

       -bbinddn
              bind as user binddn to the directory.

       -wpassword
              use password to bind to the directory.

       -oowner
              create a certificate mapping entry that specifies owner as the
              owner of the certificate.

       -Vversion
              use LDAP protocol version version to connect to the server.

       -B     use "userCertificate;binary" format for update; some servers
              seem to require this, others are happy without.

DESCRIPTION

       Cert2ldap is used to import a certificate into an LDAP directory in
       such a way as to allow the mod_authz_ldap Apache module to authenticate
       and authorize users based on their certificates.  The certificate is
       either specified as a certificatefile argument on the command line or
       read from standard input.  There are essentially two ways to use the
       program: either a certificate is added as a userCertificate attribute
       to a user's node, or a certificate mapping node is added somewhere
       else in the directory, referencing the user.

       The second form is active as soon as one of the options -i, -s, -o or
       -n is used.  The first form uses only the -c option.  The correct
       configuration of the entries can be checked using the certfind(1)
       program.

       If the node to be updated does not exist yet, a minimal node is
       created.  However, this is only marginally useful in the case of a
       node containing the certificate proper.

SEE ALSO

       certfind(1)

AUTHOR

       Andreas F. Mueller <andreas.mueller@othello.ch>

MOD_AUTHZ_LDAP                     21/04/01                       CERT2LDAP(L)