Refer to the old post to understand more about certificate chain verification and CRLs.
Here we will see how to establish a secure connection using OpenLDAP. OpenLDAP provides a set of "set" options through which we can enable the CRL check, supply the required certificates, and set the verify callback. Using this verify callback, we can control OpenLDAP's behavior on each certificate verification.
Below...
Friday, 23 June 2017
Tuesday, 23 May 2017
OpenSSL - How to verify certificate chain with CRL?
When any certificate is issued, it has a validity period which is defined by the Certification Authority. Usually, this is one or two years.
However, sometimes certificates should not be honored even during their validity period. For example, if the private key associated with a certificate is lost or exposed, then any authentication using that certificate should be denied.
That's where CRL comes...