[pve-devel] SPAM: [PATCH docs] pveum: Add information about realm certificates
Dominic Jäger
d.jaeger at proxmox.com
Thu Oct 15 12:00:19 CEST 2020
As explained by Dominik and Fabian [0].
[0] https://bugzilla.proxmox.com/show_bug.cgi?id=2827
Signed-off-by: Dominic Jäger <d.jaeger at proxmox.com>
---
pveum.adoc | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/pveum.adoc b/pveum.adoc
index 4fbaa86..57e1b37 100644
--- a/pveum.adoc
+++ b/pveum.adoc
@@ -163,6 +163,11 @@ configured via the `bind_dn` property in `/etc/pve/domains.cfg`. Its
password then has to be stored in `/etc/pve/priv/ldap/<realmname>.pw`
(e.g. `/etc/pve/priv/ldap/my-ldap.pw`). This file should contain a
single line containing the raw password.
++
+To verify certificates, it is necessary to set `capath`, either directly to the
+CA certificate of your LDAP server, or to the system path containing all
+trusted CA certificates (`/etc/ssl/certs`).
+Additionally, the `verify` option has to be set.
Microsoft Active Directory::
--
2.20.1
More information about the pve-devel
mailing list