ldapget(8) ldapget(8)
NAME
ldapget - Tool used to fetch URLs via LDAP/LDAPS
SYNOPSIS
ldapget [NSS database] <url>
DESCRIPTION
A tool supplied with the Apache httpd mod_revocator plug-in used to demonstrate how CRLs can be fetched using LDAP/LDAPS without the use of
any direct LDAP/LDAPS URLs.
The mod_revocator plug-in requires the mod_nss plug-in to also be registered with this Apache httpd process.
Prior to mod_revocator-1.0.3-16, this tool was located at /usr/bin/ldapget.
OPTIONS
[NSS database]
Optionally specifies the destination directory where the NSS databases reside. If this parameter is not provided, the location
specified in mod_nss plug-in's /etc/httpd/conf.d/nss.conf configuration file will be utilized:
# Server Certificate Database:
# The NSS security database directory that holds the
# certificates and keys. The database consists
# of 3 files: cert8.db, key3.db and secmod.db.
# Provide the directory that these files exist.
NSSCertificateDatabase /etc/httpd/alias
<url>
The LDAP/LDAPS URL utilized to fetch the CRL. The following entry in mod_revocator plug-in's /etc/httpd/conf.d/revocator.conf con-
figuration file contains a sample utilization of this executable (the line containing ldapget must be uncommented in order to be
utilized):
# CRL URLs:
# A space delimited list of URLs to retrieve and install.
# protocol://urldata;update_interval;max_age
#CRLFile "ldap://ldap.example.com:5000/o=example.net?
usercertificate%3binary?sub?(sn=Jensen)??;30;30"
#CRLFile "exec:///usr/sbin/ldapget|ldap://ldap.example.com:
3389/o=example.com?userCertificate%3bbinary?sub?
(uid=crl)??;30;30"
#CRLFile "https://ca.example.com:1025/getCRL?op=
getCRL&issuepoint=MasterCRL;30;30"
BUGS
Report bugs to http://bugzilla.redhat.com.
AUTHORS
Rob Crittenden <rcritten@redhat.com>.
COPYRIGHT
Copyright (c) 2013 Red Hat, Inc. This is licensed under the Apache License, Version 2.0 (the "License"); no one may use this file except in
compliance with the License. A copy of this license is available at http://www.apache.org/licenses/LICENSE-2.0.
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITH-
OUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and
limitations under the License.
Rob Crittenden Jul 3 2013 ldapget(8)