[Date Prev][Date Next] [Chronological] [Thread] [Top]

[GnuTLS][TLS init def ctx failed: -1]

To: openldap-technical@openldap.org
Subject: [GnuTLS][TLS init def ctx failed: -1]
From: Warren Howard <warren@madtechsupport.com>
Date: Sat, 02 Apr 2011 17:27:44 +0530
User-agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.15) Gecko/20110303 Thunderbird/3.1.9

Hi there,

I'm using:

slapd -V
@(#) $OpenLDAP: slapd 2.4.21 (Mar 30 2011 18:32:32) $
    buildd@rothera:/build/buildd/openldap-2.4.21/debian/build/servers/slapd

cat /etc/issue
Ubuntu 10.04.2 LTS \n \l


This is Ubuntu so openldap has been compiled with GnuTLS

ldd /usr/sbin/slapd
    .
    .
    .
    libgnutls.so.26 => /usr/lib/libgnutls.so.26 (0xb73a9000)
    .
    .
    .

I've been following this guidehttps://help.ubuntu.com/10.04/serverguide/C/openldap-server.html and thesection on TLS works perfectly if I follow the instructions to the letter.

That is, so long as the locations of olcTLSCACertificateFile,olcTLSCertificate and olcTLSCertificateKeyFile are /etc/ssl/certs,/etc/ssl/certs and /etc/ssl/private respectively, then slapd willstart. For example:


olcTLSCACertificateFile: /etc/ssl/certs/cacert.pem
olcTLSCertificateFile: /etc/ssl/certs/ldap01_slapd_cert.pem
olcTLSCertificateKeyFile: /etc/ssl/private/ldap01_slapd_key.pem

However, if I change the location of any of these files slapd will failto start with the error "TLS init def ctx failed: -1".

Should anyone ask, yes I've doubled checked for correct file permissionsand searched for typos. The names of the files does not matter, justtheir location.


These appears to be bug to me.

Regards,


Warren.

Follow-Ups:
- Re: [GnuTLS][TLS init def ctx failed: -1]
  - From: Marco Pizzoli <marco.pizzoli@gmail.com>

Prev by Date: Re: Using memberOf overlay with groups that contain uids, not DNs
Next by Date: Re: [GnuTLS][TLS init def ctx failed: -1]
Index(es):
- Chronological
- Thread