[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Can't get TLS working.
c0re <nr1c0re@gmail.com> writes:
> # making clientkey
> openssl genrsa -out client.key 2048
> # making certificate request
> openssl req -new -key client.key -out client.csr
> # signing
> openssl x509 -req -days 1024 -CA ../ssl/rootcrt.pem -CAkey
> ../ssl/rootkey.pem -in client.csr -out client.crt -CAserial
> ../ssl/root.seq
>
> # configuring on client
> TLS_CACERT /usr/local/etc/openldap/ssl-client/rootcrt.pem
> TLS_CERT /usr/local/etc/openldap/ssl-client/client.crt
> and
> TLS_KEY /usr/local/etc/openldap/ssl-client/client.key
>
> Trying again with slapd debug and client calling "id test"
[...]
As there are no obvious errors in the log you should get TLS properly
working, prior to testing with pam. Just do a ldapsearch or a
ldapwhoami either on uri ldaps:// or startTLS on ldap://
-Dieter
--
Dieter Klünter | Systemberatung
sip: 7770535@sipgate.de
http://www.dpunkt.de/buecher/2104.html
GPG Key ID:8EF7B6C6