2008/12/15 Philip Guenther
<guenther+ldapsoft@sendmail.com>
On Mon, 15 Dec 2008, Alfonsas Stonis wrote:
...
> Dec 15 14:28:21 axew0204 slapd[24383]: main: TLS init def ctx failed: -60
Why haven't you looked up those error numbers in the GNUtls docs?
#define GNUTLS_E_CERTIFICATE_KEY_MISMATCH -60
(If I was in your position, I would would remove OpenLDAP from the picture
and work out a valid cert, key, and CAcert combo using just the tools
provided by GNUtls. I would hope the GNUtls documentation has the
necessary examples and information to do that; lacking that, I would
consult the help-gnutls@gnu.org mailing list. Once that's worked out, you
can address the OpenLDAP bits with some confidence that you're not giving
it bad data.)
Philip Guenther