[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Problem with SSL enabled slapd

To: dunk@the98.net
Subject: Re: Problem with SSL enabled slapd
From: Peter Marschall <peter.marschall@mayn.de>
Date: Sun, 17 Nov 2002 14:55:13 +0100
Cc: openldap <openldap-software@OpenLDAP.org>
In-reply-to: <3DD79765.5080104@the98.net>
Organization: ADPM
References: <3DD79765.5080104@the98.net>
User-agent: KMail/1.4.3

Hi,

On Sunday 17 November 2002 14:19, Dunk Chen wrote:
> I want to enable ssl supported on slapd.
> Following the reference I've got. I modified the slapd.conf with three
> lines as follows:
>
> TLSCipherSuite HIGH:MEDIUM:+SSLv2
> TLSCertificateFile /usr/share/ssl/certs/slapd.pem
> TLSCertificateKeyFile /usr/share/ssl/certs/slapd.pem
>
> But..... I can't start my slapd anymore. The slapd just exited
> immediately when I start by command ./slapd -h "ldaps://127.0.0.1/".
>
> ps. I can normally start up my slapd without extra ssl configuration.

If you have OpenLDAP 2.1.x don't use a self signed server certificate.
Instead, use a self signed CA certificate and a separate server certificate
that is signed by the CA certificate.

Yours
Peter

-- 
Peter Marschall     |   eMail: peter.marschall@mayn.de
Scheffelstraße 15   |          peter.marschall@is-energy.de
97072 Würzburg      |   Tel:   0931/14721
PGP:  D7 FF 20 FE E6 6B 31 74  D1 10 88 E0 3C FE 28 35

Follow-Ups:
- Re: Problem with SSL enabled slapd
  - From: Tony Earnshaw <tonni@billy.demon.nl>

References:
- Problem with SSL enabled slapd
  - From: Dunk Chen <dunk@the98.net>

Prev by Date: Problem with SSL enabled slapd
Next by Date: Re: Problem with SSL enabled slapd
Index(es):
- Chronological
- Thread