[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: directive "TLSCipherSuite" not recognized





--On Thursday, April 28, 2005 1:19 PM +0530 Sameer N I <strike@proscrutiny.com> wrote:

Hi,

Problem: getting warning from slapd.

Apr 28 12:10:38 ironclad slapd[11895]:
/usr/local/etc/openldap/slapd.conf: line 87: unknown directive
"TLSCipherSuite" inside backend database definition (ignored)
Apr 28 12:10:38 ironclad slapd[11895]:
/usr/local/etc/openldap/slapd.conf: line 88: unknown directive
"TLSCertificateFile" inside backend database definition (ignored)
Apr 28 12:10:38 ironclad slapd[11895]:
/usr/local/etc/openldap/slapd.conf: line 89: unknown directive
"TLSCertificateKeyFile" inside backend database definition (ignored)
password-hash {SSHA}

database bdb suffix "dc=ironclad,dc=mil" rootdn "cn=Almighty,dc=ironclad,dc=mil"

TLSCipherSuite          HIGH:MEDIUM:+SSLv2
TLSCertificateFile      /etc/local/slapd-cert.pem
TLSCertificateKeyFile   /etc/local/slapd-key.pem

The warnings you are seeing are pretty clear. You have put the TLS* directives inside the database definition. See the line "database bdb"? That's where you started the database definition. You should move the TLS* directives to occur *before* that line.


--Quanah


-- Quanah Gibson-Mount Principal Software Developer ITSS/Shared Services Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

"These censorship operations against schools and libraries are stronger
than ever in the present religio-political climate. They often focus on
fantasy and sf books, which foster that deadly enemy to bigotry and blind
faith, the imagination." -- Ursula K. Le Guin