[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
fails to start ldaps://
- To: openldap-technical@openldap.org
- Subject: fails to start ldaps://
- From: owen nirvana <freeespeech@gmail.com>
- Date: Wed, 30 Jun 2010 19:30:28 +0800
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:mime-version:received:from:date :message-id:subject:to:content-type; bh=wTU+dvnwbcnvktcSODqp3eaTltr9sNvlyWH3Cuf8sJE=; b=ROP/zgtcbTtemvsX49d5ZxIJtTba2CUidscEDer0TEH72NN39ze7wpZ03Hz6j0VOip tkSyIJf0i8/y2QCkBnsGI+Eb149p4t31J0V1mRHhNcZ8Yxdlhu6zleDvJRWjGbnP0EcH MLycYqS0Ieh/1uyx2bdPUtFxgEJgC12aZ5zb0=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:from:date:message-id:subject:to:content-type; b=KKAsaMjeRrsVGsgWb9f24Akw97X5Mg8SfbK27RCSRgZLroLrbDVNisogRF7MeoTZbG f3vKnvboTZS5OfMaycECOl9n9sC2832RdHd7pE0V8dczm1sREwgd8aGnZ633iybUm6BO 8BzqyGJjhdEawDJfgks00GbVuXfGiTCW2utKM=
it's openldap-2.4.17 in debian testing
I try to config slapd.conf to use ldap ssl.
TLSCACertificateFile cacert.pem
TLSCertificateFile ldapclient.pem
TLSCertificateKeyFile ldapclientkey.pem
TLSVerifyClient never
I could not start slapd after I config TLS in slapd.conf, error info is "Main: TLS init def ctx failed: -69"
the OpenLDAP Admin Guide only mentions CipherSuite in OpenSSL, not GnuTLS. Steve Langasek advice leave TLSCipherSuite blank(http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=462588), and I do config so.
But if I config some specific CipherSuite or just "ALL", error info will be "TLS: could not set cipher list ALL. Main: TLS init def ctx failed: -1"
gtalk:freeespeech@gmail.com