[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: OpenLDAP segfaults when used with ssl

To: openldap-software@OpenLDAP.org
Subject: RE: OpenLDAP segfaults when used with ssl
From: Christian Guenther <christian.guenther@amaxa.com>
Date: 29 Jul 2003 14:41:19 +0200
In-reply-to: <020401c355b6$394e56b0$856350c1@CELLO>
References: <020401c355b6$394e56b0$856350c1@CELLO>

Hi list,

> What are we, psychic?
Sorry, I did not mind to bother you, I know by myself how annoying 
a question like my own can be. It's just, I started my openldap 
server with a debugging level of 256 and still all, I can see is 
a segfault at the end. But don't mind that first question anymore.

In the meantime I got a bit more of an understanding of the whole 
process. I was wrong in the first place mixing TLS/SSL with SASL 
(thanks a lot to Shaick). And I recompiled my OpenLDAP server 
using  OpenSSL 0.9.6j instead of 0.9.7 (thanks Howard).

But now I receive the following error when trying to start:

/usr/libexec/slapd -u ldap -g root -f /etc/openldap/slapd.conf -d 10 -h
"ldap:/// ldaps:///"
daemon: socket() failed errno=97 (Address family not supported by
protocol)
daemon: socket() failed errno=97 (Address family not supported by
protocol)
/etc/openldap/slapd.conf: line 45: unknown directive "logfile" outside
backend info and database definitions (ignored)
TLS: could not use certificate `/etc/openldap/severcrt.pem'.
TLS: error:0906D06C:PEM routines:PEM_read_bio:no start line
pem_lib.c:666
TLS: error:02001002:system library:fopen:No such file or directory
bss_file.c:245
TLS: error:20074002:BIO routines:FILE_CTRL:system lib bss_file.c:247
TLS: error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system lib
ssl_rsa.c:513
main: TLS init def ctx failed: -1
slapd stopped.
connections_destroy: nothing to destroy.

To give you all (if someone is still reading) a deeper view as to how
I came that far let me tell you that I'm using the OpenLDAP SSL/TLS
Howto by Kent Soper from June 2003.

> As a general note, OpenSSL 0.9.7 doesn't work well with OpenLDAP. I don't
> know if anyone has taken the time to investigate where the compatibility
> issues are yet. I use 0.9.6 for production deployments.
Thanks again.

Maybe someone can help me now,

	chris


Diese E-Mail enthaelt vertrauliche und/oder rechtlich geschuetzte
Informationen. Wenn Sie nicht der richtige Adressat sind oder 
diese E-Mail irrtuemlich erhalten haben, informieren Sie bitte 
sofort den Absender und vernichten Sie diese Mail. 
Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser 
Mail ist nicht gestattet.

This e-mail may contain confidential and/or privileged information. 
If you are not the intended recipient (or have received this e-mail
in error) please notify the sender immediately and destroy this 
e-mail. Any unauthorised copying, disclosure or distribution of the
material in this e-mail is strictly forbidden.

Follow-Ups:
- RE: OpenLDAP segfaults when used with ssl
  - From: "Howard Chu" <hyc@highlandsun.com>

References:
- RE: OpenLDAP segfaults when used with ssl
  - From: "Howard Chu" <hyc@highlandsun.com>

Prev by Date: Re: OpenLDAP segfaults when used with ssl
Next by Date: Re: LDAP Performance.
Index(es):
- Chronological
- Thread