[KLUG Members] OpenLDAP + TLS

Adam Williams members@kalamazoolinux.org
26 Dec 2002 07:57:54 -0500


>I am going nuts trying to get OpenLDAP 2.1.9 TLS enabled. According
>to http://www.openldap.org, the only items required to enable TLS/SSL
>are: Client Certificate, Client cert private key associated and the
>Root CA Certificate. I did this, but OpenLDAP refuses to start up with
>TLS/SSL support :( I built this from scratch, and it was built with
>"--enable-tls." Anyone else seen this? The appropriate lines from my 
>ldap.conf are shown below.
>-=- ldap.conf -=-
>TLSCertificateFile    /usr/local/openldap/etc/certs/ldapcert.pem
>TLSCertificateKeyFile /usr/local/openldap/etc/certs/ldapkey.pem
>TLSCACertificateFile  /usr/local/openldap/etc/certs/cacert.pem

Is slapd linked to the SSL libraries?

What ports is slapd listening on (netstat -ap | grep slap)?

Are you sure the security context of the slapd process has permissions
to read the cert files?

What is your loglevel?  Do you see any errors pertaining to the refusal
to use SSL/TLS?
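The four checks in the reply above, as an added diagnostic script that is not part of this thread: the certificate paths are the ones from the quoted ldap.conf, while the slapd binary location and the final cert/key comparison are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the thread): scripted version of the checks in
# the reply. Paths come from the quoted ldap.conf; the slapd binary
# location /usr/local/openldap/libexec/slapd is an assumption.
SLAPD=${SLAPD:-/usr/local/openldap/libexec/slapd}
CERT_DIR=/usr/local/openldap/etc/certs

# Check 1: is slapd linked against libssl?  Returns 0 if ldd lists it.
slapd_links_ssl() {
    ldd "$1" 2>/dev/null | grep -q 'libssl'
}

# Check 2: which ports is slapd bound to?  Prints ldap (389) / ldaps (636)
# listeners; falls back to ss when netstat is not installed.
slapd_listeners() {
    { netstat -lnt 2>/dev/null || ss -lnt 2>/dev/null; } | grep -E ':(389|636)[[:space:]]'
}

# Check 3: can the invoking user read each TLS file?  Run it as the user
# slapd drops privileges to (e.g. su - ldap -s /bin/sh), not as root: root
# passes the -r test on any file, so it tells you nothing.
# Prints one line per file and returns the number of unreadable files.
tls_files_readable() {
    fails=0
    for f in "$@"; do
        if [ -r "$f" ]; then
            echo "readable:   $f"
        else
            echo "UNREADABLE: $f"
            fails=$((fails + 1))
        fi
    done
    return $fails
}

# Check 4 (assumed extra step): does the key belong to the certificate?
# Compares the two public keys; returns 0 on match, 1 on mismatch or on
# any openssl error (missing file, unsupported key type).
cert_key_match() {
    c=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    k=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 1
    [ -n "$c" ] && [ "$c" = "$k" ]
}

case "${1:-}" in
--run)
    slapd_links_ssl "$SLAPD" && echo "slapd links libssl" || echo "slapd NOT linked to libssl"
    slapd_listeners || echo "no listener on 389/636"
    tls_files_readable "$CERT_DIR/ldapcert.pem" "$CERT_DIR/ldapkey.pem" "$CERT_DIR/cacert.pem"
    cert_key_match "$CERT_DIR/ldapcert.pem" "$CERT_DIR/ldapkey.pem" && echo "cert/key match" || echo "cert/key MISMATCH"
    ;;
esac
```

Invoke it with `--run` to execute all four checks; loglevel itself is still read from slapd.conf or the slapd command line.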