From: "Dominic Jäger" <d.jaeger@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] SPAM: [PATCH docs] pveum: Add information about realm certificates
Date: Thu, 15 Oct 2020 12:00:19 +0200 [thread overview]
Message-ID: <20201015100019.311138-2-d.jaeger@proxmox.com> (raw)
In-Reply-To: <20201015100019.311138-1-d.jaeger@proxmox.com>
As explained by Dominik and Fabian [0].
[0] https://bugzilla.proxmox.com/show_bug.cgi?id=2827
Signed-off-by: Dominic Jäger <d.jaeger@proxmox.com>
---
pveum.adoc | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/pveum.adoc b/pveum.adoc
index 4fbaa86..57e1b37 100644
--- a/pveum.adoc
+++ b/pveum.adoc
@@ -163,6 +163,11 @@ configured via the `bind_dn` property in `/etc/pve/domains.cfg`. Its
password then has to be stored in `/etc/pve/priv/ldap/<realmname>.pw`
(e.g. `/etc/pve/priv/ldap/my-ldap.pw`). This file should contain a
single line containing the raw password.
++
+To verify certificates, it is necessary to set `capath`, either directly to the
+CA certificate of your LDAP server, or to the system path containing all
+trusted CA certificates (`/etc/ssl/certs`).
+Additionally, the `verify` option has to be set.
Microsoft Active Directory::
--
2.20.1
next prev parent reply other threads:[~2020-10-15 10:00 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-15 10:00 [pve-devel] [PATCH manager] ui: Fix #2827: Add verify SSL cert checkbox for ldap Dominic Jäger
2020-10-15 10:00 ` Dominic Jäger [this message]
2020-10-22 16:57 ` [pve-devel] applied: SPAM: [PATCH docs] pveum: Add information about realm certificates Thomas Lamprecht
2020-10-22 16:53 ` [pve-devel] applied: [PATCH manager] ui: Fix #2827: Add verify SSL cert checkbox for ldap Thomas Lamprecht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201015100019.311138-2-d.jaeger@proxmox.com \
--to=d.jaeger@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.