[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: contact ldap via ssl - won't do

To: Christian Guenther <chris@blaue-elise.net>, openLDAP-List <openldap-software@OpenLDAP.org>
Subject: Re: contact ldap via ssl - won't do
From: Norbert Klasen <norbert.klasen@daasi.de>
Date: Tue, 19 Mar 2002 21:49:24 +0100
Content-disposition: inline
In-reply-to: <1016551690.1367.2.camel@dorian.blaue-elise.net>
References: <1016551690.1367.2.camel@dorian.blaue-elise.net>

--On Dienstag, 19. März 2002 16:28 +0100 Christian Guenther <chris@blaue-elise.net> wrote:

I created an ssl-certificate with

	openssl req -new -x509 -nodes -days 720 -out \
	/etc/openldap/server.pem -keyout /etc/openldap/server.pem


Does this give a one file with both cert and key?

and set up my /etc/init.d/ldap start-script accordingly
The ldap-server starts I as I said I can contact and query it on
the normal port, but NOT with SSL or TLS or whatever.


Did you add
TLSCertificateFile      /etc/host.cert.pem
TLSCertificateKeyFile   /etc/host.key.pem
TLSCaCertificateFile    /etc/ca.cert.pem
to slapd.conf?

Did you start slapd with "-h ldaps:///" ?

--
Norbert Klasen, Dipl.-Inform.
DAASI International GmbH                 phone: +49 7071 29 70336
Wilhelmstr. 106                          fax:   +49 7071 29 5114
72074 Tübingen                           email: norbert.klasen@daasi.de
Germany                                  web:   http://www.daasi.de

Follow-Ups:
- cn=Monitor
  - From: Frank Swasey <Frank.Swasey@uvm.edu>
- Re: contact ldap via ssl - won't do
  - From: Christian Guenther <chris@blaue-elise.net>

References:
- contact ldap via ssl - won't do
  - From: Christian Guenther <chris@blaue-elise.net>

Prev by Date: Re: Modifying the DN
Next by Date: Re: RE : how to generate passwords?
Index(es):
- Chronological
- Thread