[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS/SSL possible startup bug in slapd

At 10:59 AM 1/23/01 -0700, Monty Charlton wrote:
>Hello all,
>When TLSCertificateKeyFile is defined in slapd.conf, and that file points to an encrypted key, I am prompted for a PEM password regardless of whether I am trying to start slapd with TLS/SSL support enabled (slapd -h "ldap:///"; or just plain slapd).  Is this intended?

Yes.  The key is needed for Start TLS.

>After entering the password, it starts, just as it should, _without_ TLS/SSL support.

But with Start TLS support.

>What I have done in the mean time is cook up a small perl script that comments the three TLS entries before trying to start slapd without TLS/SSL support.  But this seems suboptimal.  Does anyone see this as an issue worth addressing?
>Monty Charlton
>Caldera Systems, Inc.