[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: still segmentation faults with SSL

Hi Kent,

> Do you have 'localhost' anywhere in your configuration files?
ahm, well I do - why, is that bad??

> Is the slapd daemon really owned by ldap/root (user/group)?  I don't have
> to run slapd with -u/-g.
No, the slapd executable is not owned by user ldap, but by user root. I
just thought it is good security practice to not have all services run
by root.

> Do you have more than one slapd on the system?  What is the result of
> "which slapd"?  I always like to enter the full path of slapd just to make
> sure (/usr/libexec/slapd on my machine).
No, I only have one slapd - it is located under /usr/libexec/slapd which
I added to the beginning of my PATH

> Is slapd.conf in /etc/openldap or /usr/etc/openldap?  You might be using
> the wrong file or no file at all.  Is that even possible?
I also only have one slapd.conf

> The "address family not supported by protocol" error for both ldap:// and
> ldaps:// means that it isn't only a TLS/SSL issue.  I haven't run into that
> one (yet), so hopefully someone who has can help you out with it.
That's what I hope too ;-)

> I would try to start out with a barebones server (no SSL/TLS, etc) and go
> from there.  If you are already doing this ... I'll light a candle for you.
Thank you very much. I really appreciate your help. I will start from the 
beginning again.


Diese E-Mail enthaelt vertrauliche und/oder rechtlich geschuetzte
Informationen. Wenn Sie nicht der richtige Adressat sind oder 
diese E-Mail irrtuemlich erhalten haben, informieren Sie bitte 
sofort den Absender und vernichten Sie diese Mail. 
Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser 
Mail ist nicht gestattet.

This e-mail may contain confidential and/or privileged information. 
If you are not the intended recipient (or have received this e-mail
in error) please notify the sender immediately and destroy this 
e-mail. Any unauthorised copying, disclosure or distribution of the
material in this e-mail is strictly forbidden.