[Ilugc] How to get an SSL Certificate for linux fromW2k3

• From: vpadarsh@xxxxxxxxx (~adarsh~)
• Date: Mon May 29 10:26:58 2006

On 5/29/06, KaruppuSwamy T <karuppuswamy@xxxxxxxxx> wrote:

where the certificates are stored in linux what will be the file
name.(according to the documentation i am following to authenticate
linux to windows AD they r taking about the certificates files ). Can

Please let me know what is your client application?

Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5) Gecko/20041215
Firefox/1.0 Red Hat/1.0-12.EL4 .
 i am trying to make a single signon using the windows AD.
 now i am able to authenticate.but the session is closed immeditely
giving the error message
May 28 16:40:57 adclient login[4285]: pam_krb5[4285]: authentication
succeeds for 'adarsh' (adarsh@xxxxxxxxx)
May 28 16:40:57 adclient login[4285]: pam_ldap: ldap_simple_bind Can't
contact LDAP server
May 28 16:40:57 adclient login[4285]: Authentication service cannot
retrieve authentication info.
May 28 16:41:38 adclient login(pam_unix)[4288]: authentication
failure; logname=LOGIN uid=0 euid=0 tty=tty1 ruser= rhost=
user=aduser

 i was not able to do the steps in the documentation where they are
talking about the .cert and .pem files.I think these files hav
esomething to do with it.

can u give any suggetions?

When you navigate to CA
of W2K3 from your browser, you are downloading the certificate.

its is showing the pages and i can view the certificates from mozilla
preferences,

When you
install it from Mozilla browser, it is actually installed for a client
called Mozilla. This certificate will be combined in a file called
cert8.dbfile in your mozilla profile.

So if you want your custom client application to use this certificate, you
need a binary version of this certificate to be downloaded at your path.
This is usually done using GetCertificate API call in Windows based clients.
You can use HTTP query also to get the certificate independent of OS. One
workaround is simply saving the issued certificate in CA as binary file and
copy this to your linux client. If anyone has some other way to do it, i am
also interested.

Regards
T.KaruppuSwamy
_______________________________________________
To unsubscribe, email ilugc-request@xxxxxxxxxxxxx with
"unsubscribe <password> <address>"
in the subject or body of the message.
http://www.ae.iitm.ac.in/mailman/listinfo/ilugc

• References:
  • [Ilugc] How to get an SSL Certificate for linux fromW2k3
    • From: ~adarsh~
  • [Ilugc] How to get an SSL Certificate for linux fromW2k3
    • From: KaruppuSwamy T
  • [Ilugc] How to get an SSL Certificate for linux fromW2k3
    • From: ~adarsh~
  • [Ilugc] How to get an SSL Certificate for linux fromW2k3
    • From: KaruppuSwamy T

Other related posts:

• » [Ilugc] How to get an SSL Certificate for linux fromW2k3- ~adarsh~
• » [Ilugc] How to get an SSL Certificate for linux fromW2k3- KaruppuSwamy T
• » [Ilugc] How to get an SSL Certificate for linux fromW2k3- ~adarsh~
• » [Ilugc] How to get an SSL Certificate for linux fromW2k3- KaruppuSwamy T
• » [Ilugc] How to get an SSL Certificate for linux fromW2k3 - ~adarsh~

1. Home
2. ilugc
3. Archive
4. 05-2006

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---