Permalink
Browse files

FAQ.pm: example for certificateExactMatch

  • Loading branch information...
1 parent fe0c2ae commit 0ab51aea4fb283358af78a3be3c5e0cd4691965b @marschap marschap committed Dec 8, 2012
Showing with 17 additions and 0 deletions.
  1. +17 −0 lib/Net/LDAP/FAQ.pod
View
@@ -1504,6 +1504,23 @@ modify will fail with an object class violation error. The inetOrgPerson
structural object class permits userCertificates, as does the
strongAuthenticationUser auxiliary object class. Others might also.
+=head2 How do I search objects by the contents of certificates.
+
+The directory needs to support one or more of the certificate*Match
+matching rules.
+
+Then using the filter (for certificateExactMatch)
+
+ (userCertificate={ serialNumber 1234, issuer "cn=CA,o=TrustCenter" })
+
+allows searching for the objects containing the attribute userCertificate with
+a certificate matching these criteria.
+
+Please note that the exact syntax of the values for the serialNumber and the
+issuer above may depend on the LDAP server.
+In any case the example above works with OpenLDAP 2.4.33.
+
+
=head1 ADDITIONAL DIRECTORY AND LDAP RESOURCES.
=head2 URLs.

0 comments on commit 0ab51ae

Please sign in to comment.