ldapget(8)ldapget(8)NAMEldapget - Tool used to fetch URLs via LDAP/LDAPS
SYNOPSISldapget [NSS database] <url>
DESCRIPTION
A tool supplied with the Apache httpd mod_revocator plug-in used to
demonstrate how CRLs can be fetched using LDAP/LDAPS without the use of
any direct LDAP/LDAPS URLs.
The mod_revocator plug-in requires the mod_nss plug-in to also be reg‐
istered with this Apache httpd process.
Prior to mod_revocator-1.0.3-16, this tool was located at
/usr/bin/ldapget.
OPTIONS
[NSS database]
Optionally specifies the destination directory where the NSS
databases reside. If this parameter is not provided, the loca‐
tion specified in mod_nss plug-in's /etc/httpd/conf.d/nss.conf
configuration file will be utilized:
# Server Certificate Database:
# The NSS security database directory that holds the
# certificates and keys. The database consists
# of 3 files: cert8.db, key3.db and secmod.db.
# Provide the directory that these files exist.
NSSCertificateDatabase /etc/httpd/alias
<url>
The LDAP/LDAPS URL utilized to fetch the CRL. The following
entry in mod_revocator plug-in's /etc/httpd/conf.d/revoca‐
tor.conf configuration file contains a sample utilization of
this executable (the line containing ldapget must be uncommented
in order to be utilized):
# CRL URLs:
# A space delimited list of URLs to retrieve and install.
# protocol://urldata;update_interval;max_age
#CRLFile "ldap://ldap.example.com:5000/o=example.net?
usercertificate%3binary?sub?(sn=Jensen)??;30;30"
#CRLFile "exec:///usr/sbin/ldapget|ldap://ldap.example.com:
3389/o=example.com?userCertificate%3bbinary?sub?
(uid=crl)??;30;30"
#CRLFile "https://ca.example.com:1025/getCRL?op=
getCRL&issuepoint=MasterCRL;30;30"
BUGS
Report bugs to http://bugzilla.redhat.com.
AUTHORS
Rob Crittenden <rcritten@redhat.com>.
COPYRIGHT
Copyright (c) 2013 Red Hat, Inc. This is licensed under the Apache
License, Version 2.0 (the "License"); no one may use this file except
in compliance with the License. A copy of this license is available at
http://www.apache.org/licenses/LICENSE-2.0.
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS, WITH‐
OUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
Rob Crittenden Jul 3 2013 ldapget(8)