[Techtalk] certificates

[Maria McKinley]

Wim De Smet wrote:

> In principle you should end up with a v3 cert since you're using v3
> extensions on the req. Well, I think. Check if the request has the
> requested extensions section. I think these are getting lost
> somewhere, perhaps because of ca's copy_extensions?
> 
> BTW, the bugs and warnings sections of ca(1) is particularly amusing to read.
> 
> regards,
> Wim
> _________

I have concluded that the problem is not with my certificates or my 
slapd.conf file. A friend with debian used my config file, and created 
certs/keys using the same instructions as I was using, and was able to 
start slapd without any problems. I compared the certs he had created 
with the ones I had created, and they are the same in every way that 
matters. Is there anything else, maybe another config file somewhere, 
that tls uses in conjunction with slapd that could be screwing things 
up? What other things could possibly cause tls to not work besides 
slapd.conf and the certs/keys?

thanks,
maria