I am just now venturing for the first time into using SSL with OpenLDAP. The principal problem (or at least the first symptom of the problem) is that the server is listening only on port 389 and not 636 (according to netstat).

OpenLDAP was built with the '--with-tls' configuration parameter. While I intend to get a regular certificate, for testing purposes I created my own certificate using CA.pl. I copied the output files to where I want to keep them and added the additional configuration info to slapd.conf:

    TLSCertificateFile /usr/local/etc/openldap/Certs/newcert.pem
    TLSCertificateKeyFile /usr/local/etc/openldap/Certs/newkey.pem

When I start OpenLDAP, I'm prompted to enter the PEM pass phrase. A ps command confirms that the start-up script did the right thing:

    /usr/local/libexec/slapd -u ldap -h ldap:/// ldaps:///

But SSL connections fail and a netstat command only shows the server listening on port 389.

Is there something I'm missing at this point merely to get the server listening on port 636?

Thanks.

--
Rob Tanner
UNIX Services Manager
Linfield College, McMinnville OR