Dunk Chen, You can try in /usr/local/etc/ldap/ directory: $ openssl req -new -x509 -nodes -out server.cer -keyout server.pem -days 365 Then,go to the slapd.conf file and do the following changes: TLSCertificateFile /usr/local/etc/ldap/server.cer TLSCertificateKeyFile /usr/local/etc/ldap/server.pem TLSCACertificateFile /usr/local/etc/ldap/server.cer Hope it useful for you :-) Zhang Fei zhfei@sdb.ac.cn 2002-11-17 ============================= R&D of SDB Department CNIC,CAS,Beijing of CHINA 100080 ======= 2002-11-17 21:19:00 =======Dear all: I want to enable ssl supported on slapd. Following the reference I've got. I modified the slapd.conf with three lines as follows: TLSCipherSuite HIGH:MEDIUM:+SSLv2 TLSCertificateFile /usr/share/ssl/certs/slapd.pem TLSCertificateKeyFile /usr/share/ssl/certs/slapd.pem But..... I can't start my slapd anymore. The slapd just exited immediately when I start by command ./slapd -h "ldaps://127.0.0.1/". ps. I can normally start up my slapd without extra ssl configuration. the reference I got is from: http://online.securityfocus.com/infocus/1428 Best reguards.= = = = = = = = = = = = = = = = = = = =