Re: Slapd Won't Start After TLS Was Configured

[Oliver Liebel <oliver@itc.li>]

Looks like certificate Files cant be found or seen by slapd,
you should check the used Path of the TLS-* Directives in the slapd.conf
Next, check the Permissions of the Certificicates an the Path, all must be
readable by the user your slapd is running with.

On the other side, you should upgrade to a newer version.
OL 2.2.13 is really outdated.

Greetings
Oliver


Luke Lee schrieb:
> Hi,
>  
> I've been trying to configure TLS with OpenLDAP on a RedHat Enterprise 
> 4u4 server running OpenLDAP 2.2.13 but failed. The ldap service won't 
> start and the following error messages are showing under the debugging 
> log:
>  
> TLS: could not load verify locations 
> (file:`/etc/openldap/TLS/cacert.pem',dir:`/etc/openldap/TLS').
> TLS: error:0200100D:system library:fopen:Permission denied bss_file.c:104
> TLS: error:2006D002:BIO routines:BIO_new_file:system lib bss_file.c:109
> TLS: error:0B084002:x509 certificate 
> routines:X509_load_cert_crl_file:system lib by_file.c:279
> main: TLS init def ctx failed: -1
> slapd shutdown: freeing system resources.
> slapd stopped.
> connections_destroy: nothing to destroy.
> Can anyone help resolve the problem please? Thanks!
>  
> Luke Lee
>
> ------------------------------------------------------------------------
> You rock. That's why Blockbuster's offering you one month of 
> Blockbuster Total Access 
> <http://us.rd.yahoo.com/evt=47523/*http://tc.deals.yahoo.com/tc/blockbuster/text5.com>, 
> No Cost.


____________
Virus checked by G DATA AntiVirusKit
Version: AVK 18.3361 from 09.04.2008
Virus news: www.antiviruslab.com