[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Openldap with TLS openssl fail
En réponse à Xavier Poirier <xpoirier@ch-bourg01.fr>:
sorry,
it was an error of myself :
I had the wrong cacert.pem file !
it work for running slapd now.
I have still a problem with the DN it seems
trying the openssl s_client ... command gives me an error :
"unable to get TLS client DN error=49"
and next a TLS: can't accept.
TLS: error:140760FC:SSL (...) unknown protocol ...
not easy
Xavier
> Hi all,
>
> I'm new in this ML.
> After reading, and reading again the Software ML, I still
> doesn't find
> any solution to my problem.
> Here it is:
>
> Config: Mandrake 9.2 , Openldap 2.1.22 , openssl 0.9.7b,
> cyrus-sasl 2.1.15
>
> I have generated the keys like the FAQ says , it seems ok,
> but:
>
> starting slapd :
>
> slapd -d 256 -f /etc/openldap/slapd.conf -u ldap -g ldap -h
> "ldaps:///"
>
> Generate errors :
>
> TLS: could not load verify locations
> (file:"/etc/openldap/cakey.pem",dir:"/etc/openldap/")
> main: TLS init def ctx failed: -1
> slapd stopped
> ...
>
> Strange ...
>
> Any ideas ?
>
> Thanks
>
> Xavier
>
> --------------------------------------------------------------------
> Ce courriel est envoyé au travers de l' interface IMP:
> ch-bourg01.fr
> Ce message a été passé automatiquement à l' antivirus
> This email have been sent through Imap Mail Program:
> ch-bourg01.fr
> This message have been scanned with an antivirus scanner
>
>
***** Xavier Poirier *****
*** Technicien Informatique ***
* Centre Hospitalier de Bourg en Bresse *
* Tel : 04 74 45 41 17 *
*** eFax : 04 74 23 04 53 ***
***** mailto:xpoirier@ch-bourg01.fr *****
--------------------------------------------------------------------
Ce courriel est envoyé au travers de l' interface IMP: ch-bourg01.fr
Ce message a été passé automatiquement à l' antivirus
This email have been sent through Imap Mail Program: ch-bourg01.fr
This message have been scanned with an antivirus scanner