9 More Discussions You Might Find Interesting
1. AIX
Hi folks,
How can i configure an AIX LDAP client to authenticate against an Linux Openldap server over TLS/SSL?
It works like a charm without TLS/SSL.
i would like to have SSL encrypted communication for ldap (secldapclntd) and ldapsearch etc. while accepting every kind of certificate/CA.... (6 Replies)
Discussion started by: paco699
6 Replies
2. UNIX for Dummies Questions & Answers
How do I find out the SSL cert info on the local server?
How do I know if an ssl cert is installed on local server?
How it was issued to?
Who was the issuer?
What's the expiration date?
Any other relevant information? (1 Reply)
Discussion started by: scj2012
1 Replies
3. Shell Programming and Scripting
Hi,
I am trying to find the script which will ask for SSL Cert and Key file name/path. The output of both should be matched and compared. If the output are same than the script final output should be Certificate Matches and if it doesn't than Output don't match.
Is there any way we can create... (0 Replies)
Discussion started by: SachinD
0 Replies
4. UNIX for Advanced & Expert Users
Hello to all,
I'm beguinner in Linux instalations and I'm trying to Communicate from Web Sites that i have running under apache with openLDAP for users authentication using SSL mediation that seems to be connected with LDAPS.
Can someone advise me how to do this, I have already installed... (1 Reply)
Discussion started by: CPMarco
1 Replies
5. Red Hat
Hi guys, Those who work on Apache may help me on this.
I have following problem
Description:
The remote service encrypts traffic using TLS / SSL and permits clients to renegotiate
connections. The computational requirements for renegotiating a connection are
asymmetrical between the... (3 Replies)
Discussion started by: manalisharmabe
3 Replies
6. UNIX for Dummies Questions & Answers
hi guys
I configured my openldap but now I want to implement SSL-TLS
This is my basic slapd.conf configuration
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include ... (2 Replies)
Discussion started by: karlochacon
2 Replies
7. UNIX for Dummies Questions & Answers
Hi. One of my company's customers requires mails to be sent to them to use TLS. Thanks to some good documentation on the web, I've got this mostly figured out, but now I'm stuck at generating the CSR.
My company's mail domain is sg.bunny.com (not real address, obviously), but the email gateway... (0 Replies)
Discussion started by: pierreery
0 Replies
8. Cybersecurity
Here's a pretty good, and even PHB-compatible, explanation of the current TLS/SSl protocol vulnerability, including samples. (0 Replies)
Discussion started by: pludi
0 Replies
9. UNIX for Dummies Questions & Answers
We have a requirement to setup secure ftp between our AIX v5.3 system and
our mainframe. We don't want to use openssh with sftp and scp. Our mainframe uses ftp over ssl/tls so we have to use this on our AIX box. We have openssl on our AIX system but I'm not sure how to setup ssl/tls over ftp
on... (4 Replies)
Discussion started by: DANNYC
4 Replies
PKCSICSF(1) openCryptoki PKCSICSF(1)
NAME
pkcsicsf - configuration utility for the ICSF token
SYNOPSIS
pkcsicsf [-h] [-l|-a token name] [-b BINDDN] [-c client-cert-file] [-C CA-cert-file] [-k privatekey] [-m mechanism] [-u URI]
DESCRIPTION
The pkcsicsf utility lists available ICSF tokens and allows user to add one specific ICSF token to opencryptoki.
The ICSF token must be added first to opencryptoki. This creates an entry in the opencryptoki.conf file for the ICSF token. It also creates
a token_name.conf configuration file in the same directory as the opencryptoki.conf file, containing ICSF specific information. This
information is read by the ICSF token.
The ICSF token must bind and authenticate to an LDAP server. The supported authentication mechanisms are simple and sasl. One of these
mechanisms must be entered when listing the available ICSF tokens or when adding an ICSF token. Opencryptoki currently supports adding only
one ICSF token.
The system admin can either allow the ldap calls to utilize exisiting ldap configs, such as ldap.conf or .ldaprc for bind and authentica-
tion information or set the bind and authentication information within opencryptoki by using this utility and its options. The information
will then be placed in the token_name.conf file to be used in the ldap calls. When using simple authentication, the user will be prompted
for the racf password when listing or adding a token.
OPTIONS
-a token name
add the specified ICSF token to opencryptoki.
-b BINDND the distinguish name to bind when using simple authentication
-c client-cert-file
the client certificate file when using SASL authentication
-C CA-cert-file
the CA certificate file when using SASL authentication
-h show usage information
-k privatekey
the client private key file when using SASL authentication
-m mechanism
the authentication mechanism to use when binding to the LDAP server (this should be either simple or sasl)
-l list available ICSF tokens
-h show usage information
FILES
/etc/opencryptoki/opencryptoki.conf
the opencryptoki config file containing token configuration information
/etc/opencryptoki/token_name.conf
contains ICSF configuration information for the ICSF token
SEE ALSO
opencryptoki(7),
pkcsslotd(8).
pkcsconf(8).
3.0 April 2013 PKCSICSF(1)