[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS Configuration

To: Hydro Tium <hydrotium@gmail.com>
Subject: Re: TLS Configuration
From: Gremaud Cyrill <cyrill.gremaud@hefr.ch>
Date: Wed, 26 Nov 2014 13:19:27 +0000
Accept-language: fr-CH, en-US
Cc: "openldap-technical@openldap.org" <openldap-technical@openldap.org>
Content-id: <3428192866C9B940A187437FEA6EEA49@hefr.ch>
Content-language: en-US
In-reply-to: <CAGsX+OFh4rsoqBq3Y-KxE1t5X37OCBiQsYFF5NRubtE2pOrnhQ@mail.gmail.com>
References: <CAGsX+OFh4rsoqBq3Y-KxE1t5X37OCBiQsYFF5NRubtE2pOrnhQ@mail.gmail.com>
Thread-index: AQHQCXl2GdqaW+9sSESvxfhdsQFE8pxy036A
Thread-topic: TLS Configuration

Hi Thum,

have you removed the line as mentioned ?




On 26 Nov 2014, at 13:51, Hydro Tium <hydrotium@gmail.com<mailto:hydrotium@gmail.com>> wrote:

Hi guys,

I'm struggling to configure my OpenLDAP with TLS (openssl) without success.  I'm receiving the following error:

$ sudo slapd -d 3
...
TLS: gcry_control GCRYCTL_SET_RNDEGD_SOCKET failed
5475ca9c main: TLS init failed: -1


My configuration is the following:
dn: cn=config
objectClass: olcGlobal
cn: config
olcPidFile: /var/run/slapd/slapd.pid
olcArgsFile: /var/run/slapd/slapd.args
olcIdleTimeout: 7
olcLogLevel: conns filter stats none
olcReferral: ldap://root.openldap.org<http://root.openldap.org/>
olcTLSCACertificateFile: /etc/ssl/certs/My_Root_CA.pem
olcTLSCertificateFile: /etc/ssl/certs/My_Root_CA.pem
olcTLSCertificateKeyFile: /etc/ldap/server.key.pem
olcTLSVerifyClient: demand
olcTLSRandFile: /dev/urandom


Any clues on how to solve this one?

References:
- TLS Configuration
  - From: Hydro Tium <hydrotium@gmail.com>

Prev by Date: Re: TLS Configuration
Next by Date: Re: Cannot add to mdb
Index(es):
- Chronological
- Thread