[Date Prev][Date Next]
Re: Problems with SASL and TLS
> I have successfully configured SLAPD to use TLS with a self-signed
> I basically used the openSSL description of creating a self-signed
> certificate for Apache. However, when I try and connect to it with
> SLURPD it fails. I verified that it works with other clients however.
> Is this the idea behind TLS=[critical|yes]? I don't see how SLURPD
> would accept this certificate. I did try to use the same certificate
> on both of the servers but this didn't help. Is this correct?
here are the relevant pieces of what i have in my slapd.conf:
you should generate the key like this:
# openssl req -new -x509 -nodes -out server.pem -keyout server.pem -days 365
note. this used to work great for me however since i recompiled to use a
non-standard location (--prefix=/opt/openldap-2.0.7-1) i've found that tls
based replication does not work, though "ldapsearch -ZZ ..." does work. i
have yet to find a solution to this.