[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: TLS fails
Frederik Bosch <frederik.bosch@gmail.com> writes:
> Compiling 2.4.17 with OpenSSL was more succesful than on 2.4.11. I
> think that's a Debian issue. Anyway, I have my server up and running!
> Thanks a lot Dieter for answering all my questions.
>
> But I have a minor question left. Each time I restart slapd I have to
> enter the PEM pass phrase. Is there a way to remember or not prompt
> for the passphrase?
extract the password from the certificate
openssl rsa -in certificate.pem -out some-key.pem
-Dieter
> On 08/31/2010 12:15 PM, Frederik Bosch wrote:
>> In that case. I'd go for recompiling with openssl. I already tried, but
>> that gave me following error.
>>
>> Could not locate TLS/SSL package.
>>
>> Of course, I also googled that. I think I need to point where to find
>> the OpenSSL library.
>>
>> dpkg -L openssl says
>>
>> /usr/lib/ssl
>> /usr/lib/ssl/misc
>> /usr/lib/ssl/misc/c_info
>> /usr/lib/ssl/misc/CA.sh
>> /usr/lib/ssl/misc/c_hash
>> /usr/lib/ssl/misc/c_name
>> /usr/lib/ssl/misc/c_issuer
>> /usr/lib/ssl/misc/CA.pl
>>
>> So I tried to do
>>
>> env CPPFLAGS="-I/usr/lib/ssl" LDFLAGS="-L/usr/lib/ssl"
>>
>> before configure but no success. By the way, this is first time I try to
>> compile something and I do it with debuild -us -uc.
>>
>>
>>
>>
>> On 08/31/2010 11:05 AM, Frederik Bosch wrote:
>>> After getting my ACL right (thanks Dieter!), I have problems installing
>>> an official certificate. I bought a certificate at RapidSSL. Starting
>>> slapd gives me the following error.
>>>
>>> TLS init def ctx failed: -69
>>>
>>> This error is thrown in openldap 2.4.17. Since I am on debian, slapd is
>>> compiled against GnuTLS. When I was using 2.4.11 I had another error:
>>>
>>> TLS init def ctx failed: -207
>>>
>>> When I had a self-signed certificate I had no trouble. What could be
>>> wrong?
--
Dieter Klünter | Systemberatung
sip: 7770535@sipgate.de
http://www.dpunkt.de/buecher/2104.html
GPG Key ID:8EF7B6C6