[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldap.conf not being used for TLS_CERT/TLS_KEY



On 07/06/15 08:53 +1000, Deon George wrote:
Hi,

Looking for feedback on why this is not working, or if it is a bug.

The details of my configuration are here:
http://serverfault.com/questions/702739 <http://serverfault.com/questions/702739>

I discovered (and proved), that ldapsearch is not honouring TLS_CERT/TLS_KEY in /etc/openldap/ldap.conf. I’m running the query as “root” and selinux is disabled.

If however, I put the TLS_CERT/TLS_KEY in my ~/ldaprc or ~/.ldaprc, then they are honoured.

Is this a bug?

What is stopping the “global default” of TLS_CERT/TLS_KEY from being read?

Both TLS_CERT and TLS_KEY are user-only options, by design. See the manpage
for ldap.conf for details on how to specify the settings within a user
configuration file.

--
Dan White