Re: problem enabling ssl on openldap 2.2.13
On Tue, 4 Jan 2011 16:52:06 +0000,
rui <guideveloper@gmail.com> wrote:
> Hi
>
> I am trying to enable tls based session with openldap from a client. I
> created a self signed certificate based on command from
> http://www.openldap.org/pub/ksoper/OpenLDAP_TLS.html#4.1
> My server.pem file is in /etc/openldap directory where slapd.conf is
> located.
This document is not recommended.
>
> Here are further settings in my slapd.conf
> TLSCACertificateFile server.pem
> TLSCertificateFile server.pem
> TLSCertificateKeyFile server.pem
>
> TLSVerifyClient never
>
>
> When I restart the ldap, it gives me the following warnings.
> is not readable by "ldap" [WARNING]
> is not readable by "ldap" [WARNING]
> is not readable by "ldap" [WARNING]
> Checking configuration files for slapd: [ OK ]
> Starting slapd: [ OK ]
These are not slapd warnings; what is the source of this result report?
>
> I have checked the ps output and it is started as:
> ldap 6883 1 0 16:18 ? 00:00:00 /usr/sbin/slapd -u
> ldap -h ldap:/// ldaps:///
>
> AND
> netstat -anp | grep slapd
> tcp 0 0 0.0.0.0:389 0.0.0.0:*
> LISTEN 7850/slapd
> tcp 0 0 0.0.0.0:636 0.0.0.0:*
> LISTEN 7850/slapd
> tcp 0 0 ip:389 ip:43165
> ESTABLISHED 7850/slapd
> tcp 0 0 :::389 :::*
> LISTEN 7850/slapd
> tcp 0 0 :::636 :::*
> LISTEN 7850/slapd
> unix 2 [ ] DGRAM 302231743 7850/slapd
>
And what is your problem? slapd is listening on ports 389 and 636.
-Dieter
--
Dieter Klünter | Systemberatung
http://dkluenter.de
GPG Key ID:DA147B05
53°37'09,95"N
10°08'02,42"E
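
One way to check what the "is not readable by "ldap"" lines in the thread are about, as an added example that is not part of either message: it reads the TLS file directives from slapd.conf text and reports files the service account cannot read, plus a private key that everyone can read. The function names, the finding strings and the choice to resolve relative paths against the slapd.conf directory are assumptions of this example.

```python
import os
import stat

TLS_FILE_DIRECTIVES = ("tlscacertificatefile", "tlscertificatefile",
                       "tlscertificatekeyfile")

def parse_tls_paths(conf_text):
    """Map each TLS file directive found in slapd.conf text to its path."""
    paths = {}
    for line in conf_text.splitlines():
        parts = line.split(None, 1)
        if len(parts) == 2 and parts[0].lower() in TLS_FILE_DIRECTIVES:
            paths[parts[0].lower()] = parts[1].strip().strip('"')
    return paths

def readable_by(st, uid, gids):
    """Apply the owner/group/other read bits for the given uid and groups."""
    if st.st_uid == uid:
        return bool(st.st_mode & stat.S_IRUSR)
    if st.st_gid in gids:
        return bool(st.st_mode & stat.S_IRGRP)
    return bool(st.st_mode & stat.S_IROTH)

def audit_tls_files(conf_text, conf_dir, uid, gids):
    """Return (directive, finding) pairs for the TLS files slapd must read."""
    findings = []
    for directive, path in parse_tls_paths(conf_text).items():
        if not os.path.isabs(path):
            findings.append((directive, "relative path"))
            path = os.path.join(conf_dir, path)  # assumption: beside slapd.conf
        try:
            st = os.stat(path)
        except OSError:
            findings.append((directive, "missing"))
            continue
        if not readable_by(st, uid, gids):
            findings.append((directive, "not readable by service account"))
        if directive == "tlscertificatekeyfile" and st.st_mode & stat.S_IROTH:
            findings.append((directive, "private key is world-readable"))
    return findings

# Constructed sample mirroring the settings quoted in the thread.
SAMPLE_CONF = """\
TLSCACertificateFile server.pem
TLSCertificateFile server.pem
TLSCertificateKeyFile server.pem
TLSVerifyClient never
"""

if __name__ == "__main__":
    import pwd
    ldap = pwd.getpwnam("ldap")  # assumption: slapd runs as "ldap" (-u ldap)
    for item in audit_tls_files(SAMPLE_CONF, "/etc/openldap", ldap.pw_uid, {ldap.pw_gid}):
        print(item)
```

Because the quoted configuration uses one server.pem for the CA certificate, the server certificate and the key, the permissions on that single file have to satisfy the key's requirements.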