Quanah Gibson-Mount <quanah@stanford.edu> 12/20/04 06:31am
--On Sunday, December 19, 2004 5:11 PM +0100 Guillaume Rousse <rousse@ccr.jussieu.fr> wrote:

Without TLS, slapd works OK. But when activating it, slapd refuses to start:

Dec 15 23:36:58 ryu slapd2.2[22683]: bdb_db_init: Initializing bdb database
Dec 15 23:36:58 ryu slapd2.2[22683]: main: TLS init def ctx failed: -1
Dec 15 23:36:58 ryu slapd2.2[22683]: slapd stopped.
Dec 15 23:36:58 ryu slapd2.2[22683]: connections_destroy: nothing to destroy.

Here is my TLS configuration:

# TLS configuration
TLSCertificateFile /etc/ssl/crt/ldap.pem
TLSCertificateKeyFile /etc/ssl/key/ldap.pem
TLSCACertificateFile /etc/ssl/crt/ca.pem

This happens on mdk 10.1, with openldap 2.2.17. The same configuration, with the same certificates, works fine on Debian with openldap 2.1.29.

Any idea?

Start slapd with -d -1 and get a better error message?
--Quanah
Do the Debian (which works) and Mandrake (which does not work) systems
have the same FQDN? The certificate's CN part of the DN must match the
host name of the machine that starts OpenLDAP (see Admin Guide 11.1.1,
first sentence). IIRC, slapd will refuse to start if this is not the
case.
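
Added example (not part of the original thread, and not OpenLDAP code): a shell check for the CN / host name match described in the last reply. It assumes the openssl command-line tool is installed; the function names are hypothetical and the sample subject line is constructed.

```shell
#!/bin/sh
# Added example: does a certificate's subject CN match this host's FQDN?
# Function names are hypothetical; requires the openssl command-line tool.

# Constructed sample of `openssl x509 -noout -subject` output.
SAMPLE_SUBJECT='subject=C = FR, O = Example, CN = ldap.example.org'

# Print the CN from a subject line. Handles the older one-line form
# (subject= /C=FR/O=Example/CN=host) and the newer comma-separated form.
subject_cn() {
    printf '%s\n' "$1" |
        sed -n 's|^.*[/, =]CN *= *\([^/,]*\).*$|\1|p' |
        sed 's/ *$//'
}

# Return 0 when the CN equals the host name, ignoring case.
cn_matches_host() {
    a=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    b=$(printf '%s' "$2" | tr '[:upper:]' '[:lower:]')
    [ -n "$a" ] && [ "$a" = "$b" ]
}

# Check a PEM certificate against an FQDN (default: `hostname -f`).
# Returns 0 on match, 1 on mismatch, 2 if the file cannot be read or parsed.
check_slapd_cert() {
    cert=$1
    fqdn=${2:-$(hostname -f)}
    [ -r "$cert" ] || { echo "cannot read $cert" >&2; return 2; }
    subj=$(openssl x509 -in "$cert" -noout -subject) || return 2
    cn=$(subject_cn "$subj")
    if cn_matches_host "$cn" "$fqdn"; then
        echo "OK: CN '$cn' matches '$fqdn'"
    else
        echo "MISMATCH: CN '$cn', host '$fqdn'" >&2
        return 1
    fi
}

# Demo on the constructed sample; on a real system run e.g.
#   check_slapd_cert /etc/ssl/crt/ldap.pem
cn_matches_host "$(subject_cn "$SAMPLE_SUBJECT")" ldap.example.org &&
    echo "sample CN matches ldap.example.org"
```

Run the check as the account slapd runs under, so that the readability test reflects what slapd itself can open.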