Re: Re: Pre-requisites to enable SSL/TLS in OpenLDAP 2.4

["Arun Srinivasan" <arunsriniv@rediffmail.com>]

Thanks for the reply, Dieter. Yes it seems slapd has not been built with openssl.

Here is the output of ldd:

$ ldd /usr/local/libexec/slapd
 libdb-4.8.so => /usr/local/BerkeleyDB.4.8/lib/libdb-4.8.so (0x00002ad9ac26a000)
 libpthread.so.0 => /lib64/libpthread.so.0 (0x0000003542a00000)
 libresolv.so.2 => /lib64/libresolv.so.2 (0x000000354ba00000)
 libc.so.6 => /lib64/libc.so.6 (0x0000003541e00000)
 /lib64/ld-linux-x86-64.so.2 (0x0000003541a00000)

Can you please let me know if there is any workaround for this or do we need to re-configure openldap with (--with-tls=openssl) ?

Also let me know if we need to configure openldap with any other configuration options for TLS/SSL to work properly.

Please suggest.

Thanks.

On Wed, 24 Mar 2010 19:24:29 +0530  wrote
>"Arun Srinivasan"

writes:



> Hi All,

>

> I am using OpenLDAP 2.4.21 on RHEL 5.3.

>

> I have configured the openldap with "./configure --with-tls" option to enable

> ssl in the server. I used the built-in openssl that comes with RHEL 5.3.

> Berkley GB is 4.8.26.

[...]

>

> then I get the following output:

>>>>>>>>>

> daemon_init: ldap:// ldaps://

> daemon_init: listen on ldap://

> daemon_init: listen on ldaps://

> daemon_init: 2 listeners to open...

> ldap_url_parse_ext(ldap://)

> daemon: listener initialized ldap://

> ldap_url_parse_ext(ldaps://)

> daemon: TLS not supported (ldaps://)

> slapd stopped.

> connections_destroy: nothing to destroy.

>>>>>>>>>>

[...]



It seems that slapd has not been built with openssl, you may check the

shared libraries linked to slapd calling ldd(1).



-Dieter



--

Dieter Klünter | Systemberatung

http://dkluenter.de

GPG Key ID:8EF7B6C6

53°37'09,95"N

10°08'02,42"E