CRL over LDAP : Différence entre versions
De Trustedbird Client Wiki
| Ligne 3 : | Ligne 3 : | ||
{{DownloadPanelAmo |
{{DownloadPanelAmo |
||
| title = crl-over-ldap |
| title = crl-over-ldap |
||
| − | | compat = {{Works-with-tb2}} {{Works-with-tb3}} |
+ | | compat = {{Works-with-tb2}} {{Works-with-tb3}} {{Works-with-tb3.1}} |
| amoId = 11394 |
| amoId = 11394 |
||
| info = ⇒ [http://adullact.net/plugins/scmgit/cgi-bin/gitweb.cgi?p=milimail/trustedbird.git;a=blob_plain;f=crl-over-ldap/ChangeLog;hb=HEAD ChangeLog] |
| info = ⇒ [http://adullact.net/plugins/scmgit/cgi-bin/gitweb.cgi?p=milimail/trustedbird.git;a=blob_plain;f=crl-over-ldap/ChangeLog;hb=HEAD ChangeLog] |
||
Version actuelle en date du 8 septembre 2010 à 11:07
English | Français
> Documentation > Add-on: CRL over LDAP > Technical Documentation
CRL over LDAP is an add-on for Mozilla Thunderbird 2 and 3 which allows import of Certificate Revocation Lists (CRL) from LDAP directories.
It adds the support feature of LDAP URLs in the import window of the CRL manager and schedules auto-updates of these CRLs.
Additional resources:
Important information
- CRL auto-update from HTTP/FTP (integrated in Thunderbird) and LDAP (with this add-on) is broken due to NSS bug #371522. A fix has been proposed and accepted and is now integrated in NSS. Thunderbird, since version 2.0.0.23, and Trustedbird (Thunderbird with additional features) are available with a fixed auto-update feature. This CRL over LDAP add-on provides also a workaround for this bug, working with all versions of Thunderbird (for HTTP/FTP and LDAP URLs).
- CRL manager window is not refreshed when a CRL is imported: #104137.
- LDAP authentication is not supported.
Usage
The CRL must be stored in DER format in a LDAP attribute value.
In the import window of the CRL manager, provide a LDAP URL following this syntax:
- ldap://host:port/dn?attribute?scope?filter?extensions
- e.g.: ldap://10.1.2.3/dc=milimail,dc=org?certificateRevocationList;binary?sub?cn=crl
