[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: problem running TLS with ldap 2.2.17

To: openldap-software@OpenLDAP.org
Subject: Re: problem running TLS with ldap 2.2.17
From: Guillaume Rousse <rousse@ccr.jussieu.fr>
Date: Mon, 20 Dec 2004 20:17:40 +0100
In-reply-to: <E84FC0D591855A560267E156@cadabra-dsl.stanford.edu>
References: <41C5A83F.4050008@ccr.jussieu.fr> <E84FC0D591855A560267E156@cadabra-dsl.stanford.edu>
User-agent: Mozilla Thunderbird 1.0 (X11/20041216)

Quanah Gibson-Mount wrote:

--On Sunday, December 19, 2004 5:11 PM +0100 Guillaume Rousse <rousse@ccr.jussieu.fr> wrote:

Without TLS, slapd works OK. But when activating it, slapd refuse to
start:
Dec 15 23:36:58 ryu slapd2.2[22683]: bdb_db_init: Initializing bdb
database
Dec 15 23:36:58 ryu slapd2.2[22683]: main: TLS init def ctx failed: -1
Dec 15 23:36:58 ryu slapd2.2[22683]: slapd stopped.
Dec 15 23:36:58 ryu slapd2.2[22683]: connections_destroy: nothing to
destroy.

Here is my TLS configuration:
# TLS configuration
TLSCertificateFile      /etc/ssl/crt/ldap.pem
TLSCertificateKeyFile   /etc/ssl/key/ldap.pem
TLSCACertificateFile    /etc/ssl/crt/ca.pem

This happens on mdk 10.1, with openldap 2.2.17. The same configuration,
with the same certificates, works fine on Debian with openldap 2.1.29.

Any idea ?

Start slapd with -d -1 and get a better error message?

Right, I finaly understood that slapd now was running under another id as root, and my key perms were too restrictive. Thanks.

--
All foods assume a uniform taste, texture, and color when freeze-dried
		-- Murphy's Laws of Camping n°15

References:
- problem running TLS with ldap 2.2.17
  - From: Guillaume Rousse <rousse@ccr.jussieu.fr>
- Re: problem running TLS with ldap 2.2.17
  - From: Quanah Gibson-Mount <quanah@stanford.edu>

Prev by Date: Re: ldap and network outage
Next by Date: Re: problem running TLS with ldap 2.2.17
Index(es):
- Chronological
- Thread