openldap: enable TLS_CACERT

author: Thomas Backlund <tmb@mageia.org> 2015-11-22 00:26:54 +0100
committer: Olivier Blin <dev@blino.org> 2015-11-30 01:32:43 +0100
commit: 8822d1c7be9cfe2783f886922a778410bacd93cc (patch)
tree: 525de92b4b5a0fb5f48e098cdbdedff0404a5f9a
parent: d03ddf747d9e8e983ec85160d7bf4c3a309e1c0c (diff)
download: puppet-8822d1c7be9cfe2783f886922a778410bacd93cc.tar
puppet-8822d1c7be9cfe2783f886922a778410bacd93cc.tar.gz
puppet-8822d1c7be9cfe2783f886922a778410bacd93cc.tar.bz2
puppet-8822d1c7be9cfe2783f886922a778410bacd93cc.tar.xz
puppet-8822d1c7be9cfe2783f886922a778410bacd93cc.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/modules/pam/templates/openldap.ldap.conf b/modules/pam/templates/openldap.ldap.conf
index 7461d160..2e1c513c 100644
--- a/modules/pam/templates/openldap.ldap.conf
+++ b/modules/pam/templates/openldap.ldap.conf
@@ -18,7 +18,7 @@ TLS_REQCERT     allow
 # Use the default self-signed cert generated by openldap-server postinstall
 # by default 
 #TLS_CACERT      /etc/pki/tls/certs/ldap.pem
-#TLS_CACERT     /etc/ssl/openldap/ldap.mageia.org.pem
+TLS_CACERT     /etc/ssl/openldap/ldap.<%= domain %>.pem
 
 # If requiring support for certificates signed by all CAs (noting risks
 # pam_ldap if doing DNS-based suffix lookup etc.
author	Thomas Backlund <tmb@mageia.org>	2015-11-22 00:26:54 +0100
committer	Olivier Blin <dev@blino.org>	2015-11-30 01:32:43 +0100
commit	8822d1c7be9cfe2783f886922a778410bacd93cc (patch)
tree	525de92b4b5a0fb5f48e098cdbdedff0404a5f9a
parent	d03ddf747d9e8e983ec85160d7bf4c3a309e1c0c (diff)
download	puppet-8822d1c7be9cfe2783f886922a778410bacd93cc.tar puppet-8822d1c7be9cfe2783f886922a778410bacd93cc.tar.gz puppet-8822d1c7be9cfe2783f886922a778410bacd93cc.tar.bz2 puppet-8822d1c7be9cfe2783f886922a778410bacd93cc.tar.xz puppet-8822d1c7be9cfe2783f886922a778410bacd93cc.zip