Howard Chu wrote: > Quanah Gibson-Mount wrote: >> --On Tuesday, December 18, 2018 5:53 PM +0000 Howard Chu <h...@symas.com> >> wrote: >> >>>> >>>> ---------------- servers/slapd/bconfig.c ----------------------- >>> >>>> olcTLSCertificateKey -- ??? (Private SYNTAX OID) Shouldn't the SYNTAX >>>> be 1.3.6.1.4.1.1466.115.121.1.8? And use certificateExactMatch? >>> >>> No, a key is not a certificate. Keys are stored in PKCS#8 encoding. >> >> So what's the matching rule for it? ;) > > I suppose it'll have to be octetStringMatch.
The syntax needs to be changed, it should be 1.2.840.113549.1.8. I don't see any benefit to using anything other than octetStringMatch though. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
