[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Re: Pre-requisites to enable SSL/TLS in OpenLDAP 2.4
- To: <dieter@dkluenter.de>
- Subject: Re: Re: Pre-requisites to enable SSL/TLS in OpenLDAP 2.4
- From: "Arun Srinivasan" <arunsriniv@rediffmail.com>
- Date: 24 Mar 2010 15:45:31 -0000
- Cc: openldap-technical@openldap.org
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=redf; d=rediffmail.com; b=os09fbdrY/+n+bZgreWfYJtqV6Sk3ij5EuUuZrEPRgdm9LeTClV6bV+AKHJB0Q4wcaa4KlJWGaP/PYr1IpGJLxwVkT/Mnzqe9kA3GKpE+r1nx821LUQEfoxvB1psFDwy3ABHblFgYb+pPo32ejgNjup8z52FiINMztxyPqNWF20= ;
Thanks for the reply, Dieter. Yes it seems slapd has not been built with openssl.
Here is the output of ldd:
$ ldd /usr/local/libexec/slapd
libdb-4.8.so => /usr/local/BerkeleyDB.4.8/lib/libdb-4.8.so (0x00002ad9ac26a000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x0000003542a00000)
libresolv.so.2 => /lib64/libresolv.so.2 (0x000000354ba00000)
libc.so.6 => /lib64/libc.so.6 (0x0000003541e00000)
/lib64/ld-linux-x86-64.so.2 (0x0000003541a00000)
Can you please let me know if there is any workaround for this or do we need to re-configure openldap with (--with-tls=openssl) ?
Also let me know if we need to configure openldap with any other configuration options for TLS/SSL to work properly.
Please suggest.
Thanks.
On Wed, 24 Mar 2010 19:24:29 +0530 wrote
>"Arun Srinivasan" writes:
> Hi All,
>
> I am using OpenLDAP 2.4.21 on RHEL 5.3.
>
> I have configured the openldap with "./configure --with-tls" option to enable
> ssl in the server. I used the built-in openssl that comes with RHEL 5.3.
> Berkley GB is 4.8.26.
[...]
>
> then I get the following output:
>>>>>>>>>
> daemon_init: ldap:// ldaps://
> daemon_init: listen on ldap://
> daemon_init: listen on ldaps://
> daemon_init: 2 listeners to open...
> ldap_url_parse_ext(ldap://)
> daemon: listener initialized ldap://
> ldap_url_parse_ext(ldaps://)
> daemon: TLS not supported (ldaps://)
> slapd stopped.
> connections_destroy: nothing to destroy.
>>>>>>>>>>
[...]
It seems that slapd has not been built with openssl, you may check the
shared libraries linked to slapd calling ldd(1).
-Dieter
--
Dieter Klünter | Systemberatung
http://dkluenter.de
GPG Key ID:8EF7B6C6
53°37'09,95"N
10°08'02,42"E