svn commit: r1546042 - /vcl/site/trunk/content/docs/ldap-showhostname.mdtext

[jf...@apache.org]

Author: jfthomps
Date: Wed Nov 27 14:16:10 2013
New Revision: 1546042

URL: http://svn.apache.org/r1546042
Log:
added real content

Modified:
    vcl/site/trunk/content/docs/ldap-showhostname.mdtext

Modified: vcl/site/trunk/content/docs/ldap-showhostname.mdtext
URL: http://svn.apache.org/viewvc/vcl/site/trunk/content/docs/ldap-showhostname.mdtext?rev=1546042&r1=1546041&r2=1546042&view=diff
==============================================================================
--- vcl/site/trunk/content/docs/ldap-showhostname.mdtext (original)
+++ vcl/site/trunk/content/docs/ldap-showhostname.mdtext Wed Nov 27 14:16:10 2013
@@ -16,4 +16,23 @@ Notice:    Licensed to the Apache Softwa
            specific language governing permissions and limitations
            under the License.
 
-stub page
\ No newline at end of file
+The hostname in an SSL certificate used for LDAP must match the hostname entered in 
+the conf.php file (this is the SSL certificate actually installed on the LDAP server,
+not the CA certificate). If you have no control over making it match, you can just put
+an entry in /etc/hosts with the IP of the LDAP server and the hostname that is in
+the certificate. To view the hostname in the certificate, you need a file containing
+the certificate (mycert.pem is used in the example). Run the following command to see
+the hostname that is set in the certificate:
+
+<pre>
+openssl x509 -in /tmp/mycert.pem -subject -noout
+</pre>
+
+You should see something like:
+
+<pre>
+subject= /OU=Domain Control Validated/CN=ldap.example.edu
+</pre>
+
+The hostname is after the **CN=** part. So, **ldap.example.edu** is the hostname in
+this example.
\ No newline at end of file