RE: OpenLDAP segfaults when used with ssl

["Howard Chu" <hyc@highlandsun.com>]

> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Christian
Guenther

> Hi list,

> In the meantime I got a bit more of an understanding of the whole
> process. I was wrong in the first place mixing TLS/SSL with SASL
> (thanks a lot to Shaick). And I recompiled my OpenLDAP server
> using  OpenSSL 0.9.6j instead of 0.9.7 (thanks Howard).

> But now I receive the following error when trying to start:

Your slapd.conf points to a TLS certificate file that doesn't exist. Probably
you have mistyped the pathname.

> /usr/libexec/slapd -u ldap -g root -f
> /etc/openldap/slapd.conf -d 10 -h
> "ldap:/// ldaps:///"
> daemon: socket() failed errno=97 (Address family not supported by
> protocol)
> daemon: socket() failed errno=97 (Address family not supported by
> protocol)
> /etc/openldap/slapd.conf: line 45: unknown directive "logfile" outside
> backend info and database definitions (ignored)
> TLS: could not use certificate `/etc/openldap/severcrt.pem'.
> TLS: error:0906D06C:PEM routines:PEM_read_bio:no start line
> pem_lib.c:666
> TLS: error:02001002:system library:fopen:No such file or directory
> bss_file.c:245
> TLS: error:20074002:BIO routines:FILE_CTRL:system lib bss_file.c:247
> TLS: error:140AD002:SSL
> routines:SSL_CTX_use_certificate_file:system lib
> ssl_rsa.c:513
> main: TLS init def ctx failed: -1
> slapd stopped.
> connections_destroy: nothing to destroy.


  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support