Peter Marschall wrote:
Also note that when you create a certificate, you have to use the FQDN as the Common Name,
Hi,
On Saturday 02 July 2005 01:41, Alvaro Poole wrote:
Hi, I'm having problems configuring OpenLDAP with TLS/SSL. First of all, I'm trying to put a server certificate, so I created a certificate with OpenSSL with the next line:
openssl req -newkey rsa:1024 -x509 -nodes -out ldapcert.pem -keyout ldapcert.pem -days 365
After this, I configured my slapd.conf with the next lines (but before, I copied ldapcert.pem to slapd.conf directory):
TLSCACertificateFile ldapcert.pem
TLSCertificadteFile ldapcert.pem
TLSCertificateKeyFile ldapcert.pem
Apart from the typo that Samuel Tra already reported, it may be a problem that you use the CA certificate as the server certificate.
IIRC OpenLDAP requires the server certificate to be different from the CA certificate.
The OpenLDAP FAQ gives more details about how to use TLS/SSL with OpenLDAP:
http://www.openldap.org/faq/index.cgi?_highlightWords=self%20signed&file=185
CU Peter
For details refer to http://www.proscrutiny.com/howtos/OpenLDAP.html
Read section "Configuring OpenLDAP with ssl/tls"
Regards,
-- Sameer N. Ingole /*****************************************************/ Better to light one candle than to curse the darkness. /*****************************************************/
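The two configuration problems raised in this thread (the misspelled directive and the CA certificate file reused as the server certificate file) can be caught with a small check before slapd is restarted. The following is an added example, not part of any message in the thread; the function name lint_tls and the finding format are assumptions made for illustration.

```python
import difflib

# TLS directives documented in slapd.conf(5); directive names are case-insensitive.
KNOWN_TLS = [
    "TLSCACertificateFile", "TLSCACertificatePath", "TLSCertificateFile",
    "TLSCertificateKeyFile", "TLSCipherSuite", "TLSCRLCheck", "TLSCRLFile",
    "TLSDHParamFile", "TLSProtocolMin", "TLSRandFile", "TLSVerifyClient",
]
KNOWN_LOWER = {name.lower(): name for name in KNOWN_TLS}

# The three lines quoted in the original post, reproduced with the typo.
SAMPLE = """\
TLSCACertificateFile ldapcert.pem
TLSCertificadteFile ldapcert.pem
TLSCertificateKeyFile ldapcert.pem
"""

def lint_tls(conf_text):
    """Return (line_number, message) findings; line 0 means the whole file."""
    findings, seen = [], {}
    for lineno, raw in enumerate(conf_text.splitlines(), 1):
        # Skip blanks, comments and continuation lines (leading whitespace).
        if not raw.strip() or raw[0].isspace() or raw.startswith("#"):
            continue
        parts = raw.split(None, 1)
        name, value = parts[0], (parts[1].strip() if len(parts) > 1 else "")
        if not name.lower().startswith("tls"):
            continue
        canonical = KNOWN_LOWER.get(name.lower())
        if canonical is None:
            guess = difflib.get_close_matches(name.lower(), list(KNOWN_LOWER), n=1)
            hint = f"; did you mean {KNOWN_LOWER[guess[0]]}?" if guess else ""
            findings.append((lineno, f"unknown directive {name}{hint}"))
        else:
            seen[canonical] = (lineno, value)
    for required in ("TLSCertificateFile", "TLSCertificateKeyFile"):
        if required not in seen:
            findings.append((0, f"{required} is not set"))
    ca, cert = seen.get("TLSCACertificateFile"), seen.get("TLSCertificateFile")
    if ca and cert and ca[1] == cert[1]:
        findings.append((cert[0], "TLSCertificateFile is the same file as TLSCACertificateFile"))
    return findings

if __name__ == "__main__":
    for lineno, message in lint_tls(SAMPLE):
        print(f"line {lineno}: {message}")
```

On the posted lines the typo hides the second problem: the same-file finding only appears once the directive name is spelled correctly.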