
Re: problem running TLS with ldap 2.2.17



Quanah Gibson-Mount wrote:


--On Sunday, December 19, 2004 5:11 PM +0100 Guillaume Rousse <rousse@ccr.jussieu.fr> wrote:

Without TLS, slapd works OK. But when activating it, slapd refuses to
start:
Dec 15 23:36:58 ryu slapd2.2[22683]: bdb_db_init: Initializing bdb database
Dec 15 23:36:58 ryu slapd2.2[22683]: main: TLS init def ctx failed: -1
Dec 15 23:36:58 ryu slapd2.2[22683]: slapd stopped.
Dec 15 23:36:58 ryu slapd2.2[22683]: connections_destroy: nothing to destroy.

Here is my TLS configuration:
# TLS configuration
TLSCertificateFile      /etc/ssl/crt/ldap.pem
TLSCertificateKeyFile   /etc/ssl/key/ldap.pem
TLSCACertificateFile    /etc/ssl/crt/ca.pem

This happens on mdk 10.1, with openldap 2.2.17. The same configuration,
with the same certificates, works fine on Debian with openldap 2.1.29.

Any idea?


Start slapd with -d -1 and get a better error message?

Right, I finally understood that slapd now was running under another id than root, and my key perms were too restrictive. Thanks.

--
All foods assume a uniform taste, texture, and color when freeze-dried
		-- Murphy's Laws of Camping n°15
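
The cause found in this thread (slapd running under a non-root id while the key file is readable by root only) can be checked before the daemon is started. The following is an added example, not code from the original post or from the OpenLDAP project: it evaluates the owner/group/other mode bits of the three TLS files and their parent directories for an assumed service account (uid/gid 76 and the ownership table are constructed values), and also flags a world-readable key so that the fix does not become `chmod 644`.

```python
import os
from types import SimpleNamespace

TLS_DIRECTIVES = ("TLSCertificateFile", "TLSCertificateKeyFile", "TLSCACertificateFile")

def parse_tls_paths(conf_text):
    """Map each TLS file directive in slapd.conf text to the path it names."""
    rows = (line.split() for line in conf_text.splitlines())
    return {f[0]: f[1] for f in rows if len(f) >= 2 and f[0] in TLS_DIRECTIVES}

def allowed(st, uid, gids, bit):
    """Owner/group/other test for one mode bit (4=read, 1=search); ACLs ignored."""
    shift = 6 if st.st_uid == uid else 3 if st.st_gid in gids else 0
    return uid == 0 or bool(st.st_mode & (bit << shift))

def check_tls_files(conf_text, uid, gids, stat_fn=os.stat):
    """List what stops a slapd running as uid/gids from loading its TLS files."""
    problems = []
    for directive, path in parse_tls_paths(conf_text).items():
        try:
            parent = os.path.dirname(path)
            while parent not in ("", "/"):  # each ancestor directory must be searchable
                if not allowed(stat_fn(parent), uid, gids, 1):
                    problems.append(f"{directive}: cannot traverse {parent}")
                parent = os.path.dirname(parent)
            st = stat_fn(path)
        except OSError as exc:
            problems.append(f"{directive}: {path}: {exc.strerror}")
            continue
        if not allowed(st, uid, gids, 4):
            problems.append(f"{directive}: {path} not readable by uid {uid}")
        if directive == "TLSCertificateKeyFile" and st.st_mode & 0o004:
            problems.append(f"{directive}: {path} is world-readable")
    return problems

# Constructed sample: the directives from the post plus an invented ownership
# layout; uid/gid 76 for the slapd account is an assumption.
SAMPLE_CONF = """TLSCertificateFile      /etc/ssl/crt/ldap.pem
TLSCertificateKeyFile   /etc/ssl/key/ldap.pem
TLSCACertificateFile    /etc/ssl/crt/ca.pem"""
DIRS = {d: (0o755, 0, 0) for d in ("/etc", "/etc/ssl", "/etc/ssl/crt", "/etc/ssl/key")}
CERTS = {p: (0o644, 0, 0) for p in ("/etc/ssl/crt/ldap.pem", "/etc/ssl/crt/ca.pem")}
ROOT_ONLY = {**DIRS, **CERTS, "/etc/ssl/key/ldap.pem": (0o600, 0, 0)}
GROUP_READ = {**DIRS, **CERTS, "/etc/ssl/key/ldap.pem": (0o640, 0, 76)}

def fake_stat(table):
    """Build a stat_fn over a {path: (mode, uid, gid)} table for offline runs."""
    return lambda p: SimpleNamespace(**dict(zip(("st_mode", "st_uid", "st_gid"), table[p])))
```

On a real host, call `check_tls_files` with the text of slapd.conf and the uid and group ids of the account slapd runs as, leaving `stat_fn` at its default.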