[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS/SSL possible startup bug in slapd

To: Monty Charlton <monty@caldera.com>
Subject: Re: TLS/SSL possible startup bug in slapd
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Tue, 23 Jan 2001 11:07:20 -0800
Cc: openldap-devel@OpenLDAP.org
In-reply-to: <20010123105916.A5301@kyle.calderalabs.com>

At 10:59 AM 1/23/01 -0700, Monty Charlton wrote:
>Hello all,
>
>When TLSCertificateKeyFile is defined in slapd.conf, and that file points to an encrypted key, I am prompted for a PEM password regardless of whether I am trying to start slapd with TLS/SSL support enabled (slapd -h "ldap:///"; or just plain slapd).  Is this intended?

Yes.  The key is needed for Start TLS.

>After entering the password, it starts, just as it should, _without_ TLS/SSL support.

But with Start TLS support.

>What I have done in the mean time is cook up a small perl script that comments the three TLS entries before trying to start slapd without TLS/SSL support.  But this seems suboptimal.  Does anyone see this as an issue worth addressing?
>
>Thanks,
>Monty
>
>--
>Monty Charlton
>Caldera Systems, Inc.
>http://www.caldera.com

Follow-Ups:
- Re: TLS/SSL possible startup bug in slapd
  - From: Monty Charlton <monty@caldera.com>

References:
- TLS/SSL possible startup bug in slapd
  - From: Monty Charlton <monty@caldera.com>

Prev by Date: TLS/SSL possible startup bug in slapd
Next by Date: Re: glibc 2.2 problem? (off topic)
Index(es):
- Chronological
- Thread