
Re: how to configure tls and ldap



Hi

You have either
- set permissions on the certificates/keys that do not allow slapd to read them (check also directory permissions).
or
- /etc/ldap/ssl/demoCA/newreq.pem is not an RSA private key. This depends on how you created your certificate. If you followed the instructions in http://www.openldap.org/faq/data/cache/185.html, you should have your certificates and keys in a separate folder. The demoCA component in your path names shows that you seem to have created the CA under /etc/ldap/ssl/demoCA, which was probably not what you wanted (hint: don't run CA.sh from /etc/ldap/ssl).


Please follow the instructions more closely and locate the following three files and verify that slapd has read access to them:

1) CA certificate
2) slapd's private key
3) slapd's certificate

kind regards
/markus

Alfonsas Stonis wrote:

Dec 11 16:47:41 axew0204 slapd[434]: main: TLS init def ctx failed: -34
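
The two causes named in the reply above (unreadable files, or a file that is not a private key) can be checked with a short script; this is an added example, not part of the original message. It assumes it is run as the account slapd runs under, judges each file only by its PEM BEGIN label, and the script name and function names are made up for illustration.

```shell
#!/bin/sh
# Added example. Run it as the account slapd runs under so that the
# readability tests reflect what slapd itself can open.

# Print the kind of the first PEM object in a file, judged by its BEGIN label.
pem_kind() {
    label=$(sed -n 's/^-----BEGIN \(.*\)-----[[:space:]]*$/\1/p' "$1" 2>/dev/null | head -n 1)
    # Traditional-format RSA keys mark passphrase protection with a Proc-Type header.
    if [ "$label" = "RSA PRIVATE KEY" ] && grep -q '^Proc-Type: 4,ENCRYPTED' "$1"; then
        label="ENCRYPTED PRIVATE KEY"
    fi
    case "$label" in
        "RSA PRIVATE KEY"|"PRIVATE KEY") echo key ;;
        "ENCRYPTED PRIVATE KEY") echo encrypted-key ;;
        "CERTIFICATE") echo cert ;;
        "CERTIFICATE REQUEST"|"NEW CERTIFICATE REQUEST") echo csr ;;
        *) echo unknown ;;
    esac
}

# check_tls_file ROLE KIND PATH: succeed only if PATH is readable and holds KIND.
check_tls_file() {
    role=$1; want=$2; path=$3
    dir=$(dirname "$path")
    if [ ! -x "$dir" ]; then
        echo "FAIL $role: cannot enter directory $dir"; return 1
    fi
    if [ ! -r "$path" ]; then
        echo "FAIL $role: $path is missing or not readable by $(id -un)"; return 1
    fi
    got=$(pem_kind "$path")
    if [ "$got" != "$want" ]; then
        echo "FAIL $role: $path holds '$got', expected '$want'"; return 1
    fi
    echo "OK   $role: $path"
}

# Usage: sh check-slapd-tls.sh CA_CERT SLAPD_KEY SLAPD_CERT
if [ "$#" -eq 3 ]; then
    rc=0
    check_tls_file "CA certificate" cert "$1" || rc=1
    check_tls_file "slapd private key" key "$2" || rc=1
    check_tls_file "slapd certificate" cert "$3" || rc=1
    exit "$rc"
fi
```

A file reported as `csr` or `encrypted-key` in the private-key slot is readable but still not a key slapd can load unattended.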