
TLS config question



I've installed cyrus-sasl-2.1.2 and openldap-2.0.23, set up a simple
slapd.conf and test database.

When I run slapd with defaults,
$ ldapsearch -x -H "ldap://localhost:389" -b "cn=Manager,dc=mydomain,dc=com"
produces the expected result.

Now I add these two lines to slapd.conf:
TLSCertificateFile /usr/local/etc/httpd/ssl.crt/snakeoil-rsa.crt
TLSCertificateKeyFile /usr/local/etc/httpd/ssl.key/snakeoil-rsa.key
and run:
# /usr/local/libexec/slapd -h ldaps://localhost:636

But:
$ ldapsearch -x -H "ldaps://localhost:636" -b "cn=Manager,dc=mydomain,dc=com"
ldap_bind: Can't contact LDAP server

The log shows this:
Jun 10 19:16:41 hotdog slapd[16217]: slapd starting 
Jun 10 19:17:05 hotdog slapd[16219]: daemon: conn=0 fd=9 connection from IP=127.0.0.1:33538 (IP=127.0.0.1:31746) accepted. 
Jun 10 19:17:05 hotdog slapd[16219]: conn=-1 fd=9 closed 

What does it mean?

TIA,

-- 

Mark Johnson
markj@gilanet.com