PKINIT and LDAP
When I had my realm backended with kdb pkint worked with certificates
just fine. Now that I have setup my realm to have an ldap backend when I
try to kinit with certificates my kdc seg faults.
Well it is actually openssl that crashes on a call to
X509_get_subject_name() the only reason I could really see this call
failing is if the data being passed to it not really an x509 cert?
Any ideas why this could be happening? Do I have to have the client cert
in ldap? Could this be a configuration problem?
Canadian Bank Note Co. Ltd.
- Re: [Full-disclosure] RDP, can it be done safely?
... But I thought it could be configured to require a client cert? ... server side and the "-v 3" option in config which I think should force ... validation against locally installed certificates. ...
- Re: PKINIT and LDAP
... Now that I have setup my realm to have an ldap backend when I try to kinit with certificates my kdc seg faults. ... Well it is actually openssl that crashes on a call to X509_get_subject_namethe only reason I could really see this call failing is if the data being passed to it not really an x509 cert? ... Before I was using the LDAP backend I was using the same cert generation process and everything worked just fine so I am fairly sure my certs are ok. ...
- Re: Allowing authorized remote users
... * Protect the client cert if used by a password/PIN ... Use hardware certificates e.g. smart card (RSA SecurID is another good ... protect from modifying the SOE and running malicious code! ...
- Re: [Full-disclosure] [GOATSE SECURITY] Clench: Goatses way to say "screw you" to certificate au
... I'd rather stay on the grounds of certificates, where scaling has been ... you need means to verify that party. ... This is as equally secure as installing a client cert. ...
- Re: HELP - Cert Svr and IIS
... Win 2003 Enterprise Server you can use autoenrollment. ... Directory service mapping to map the certificates to user accounts when the ... i created a page that requrie client cert. ...