Solaris & TLS, Best Friends

I got TLS LDAP authentication working in Solaris 10 today. Hooray!

Realistically, this is not really that big of a deal, except that finding the appropriate instructions to do so is near impossible. People say "use certutil!" or "load up firefox go to https://ldapserver:636 and save the cert then copy the files" and this and that and ugh.

So here are some notes. I hope they help you.

You’re done. Run ldapclient to set up LDAP and it should work fine. Do this, then use certutil -d /var/ldap -L and figure out how you may be able to script it. Or just run with it. Your call.

Note: This was posted a year ago. I should mention, you should use a fresh Firefox profile for this -- no use in accidentially carrying over unnecessary secrets to a config that may be distributed out to many systems.