[Date Prev][Date Next]
RE: TLSCertificateKeyFile without password protection?
This is a question about OpenSSL, not OpenLDAP. You should be posting
your question on an OpenSSL-Users mailing list.
The answer you need is to use the "-nodes" option to the openssl req
command. This is documented in the online help and the manual.
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Peter Daum
> I am just trying my first steps with openldap. For my
> application, TLS would be important. I am using openssl-0.9.6 on
> The man page for slad.conf mentions with regard to the option
> TLSCertificateKeyFile, that the private key must not be protected
> with a password. Unfortunately, I can't figure out any way to get
> openssl to generate a key without password. When I run openssl to
> generate a certificate request, it always insists on a password
> with at least 4 characters.
> Is there any way to avoid this? I could not find any workaround.
> Btw., the result still works, but unfortunately, I have to start
> slapd manually and enter the password for the private key. All
> attempts to come up with a script to automatically start slapd at
> system start (I even tried expect ;-) failed.
> Peter Daum