
RE: slapd.conf



I got that bug when adding TLS support.  I'd first comment out the TLS
lines in your slapd.conf file and restart to confirm that is indeed the
issue.

If it did work, then I'm betting your certificate files are screwed up. 
I've seen configurations both with and without the Certificate
Authority.  Also the key file MUST be unencrypted.  If I recall the
default is to encrypt--depends on how you're creating them though!

Hope this helps!

Kevin Williams

On Tue, 2004-07-20 at 07:30, Edward de Jongh wrote:
> Hi, found this in the logs, will keep looking
>
> main: TLS init def ctx failed: -1
>
> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org] On Behalf Of Alexandre
> Garel
> Sent: 20 July 2004 04:12
> To: openldap-software@OpenLDAP.org
> Subject: Re: slapd.conf
>
> Edward de Jongh wrote:
>
> Hi all, I've managed to install OpenSSL for TLS and the install seemed
> to go without a hitch. I've now come across a new problem. No matter
> what changes I make to the slapd.conf, slapd will not start. So
> whether I add new values such as:
>
> #
> # TLS Security Configuration
> #
> TLSCertificateFile      /opt/openldap/etc/openldap/ldap_crt.pem
> TLSCertificateKeyFile   /opt/openldap/etc/openldap/ldap_crt.pem
> TLSCACertificateFile    /opt/openldap/etc/openldap/cacert.pem
>
> Or just try and rename
>
> #
> # Database Directory
> #
> directory       /opt/openldap/var/ldap-data
>
> to
>
> #
> # Database Directory
> #
> directory       /opt/openldap/var/bdb-data
>
> slapd just won't start. I can however change the default password
> without any issues. Has anyone experienced a similar problem? I've
> gone through the FAQs, but my gut says this is a permissions problem?
>
> Tia
>
> ed
>
> What is the message in the log file?
> Which user does slapd run as ('-u' option)? 'ldap' user? Who is the
> owner of ldap-data and the files within, what are the perms on the
> certificate files?
> One problem I encountered was that if you create databases with
> slapadd, logged as root, databases are created owned by root, so you
> got to change the owner to, say, ldap user, if it's the user you run
> the slapd daemon as.
>
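
Added example, not part of the original thread: a shell pre-flight check for the points raised above (the key file must be unencrypted, TLSCertificateKeyFile must name a file that actually holds a private key, and the database directory must be owned by the user slapd runs as). The function names and the PEM-header heuristic are this example's own assumptions; quoted paths or paths containing spaces in slapd.conf are not handled.

```shell
# Added example. Source this file, then: check_slapd_conf /path/to/slapd.conf ldap

# Print the value of a slapd.conf directive (first match, case-insensitive).
conf_value() {  # $1=config file, $2=directive
    awk -v d="$2" 'tolower($1) == tolower(d) { print $2; exit }' "$1"
}

# Classify a PEM key file as missing, encrypted, ok or nokey (assumed heuristic:
# look at the PEM armor lines only, no cryptographic parsing).
key_state() {  # $1=key file
    [ -f "$1" ] || { echo missing; return; }
    if grep -q -e '^-----BEGIN ENCRYPTED PRIVATE KEY-----' \
               -e '^Proc-Type: 4,ENCRYPTED' "$1"; then
        echo encrypted
    elif grep -q -e '^-----BEGIN .*PRIVATE KEY-----' "$1"; then
        echo ok
    else
        echo nokey
    fi
}

# Count entries (the directory and the files directly in it) not owned by a user.
not_owned_by() {  # $1=directory, $2=user
    ls -ld "$1" "$1"/* 2>/dev/null | awk -v u="$2" '$3 != u' | wc -l | tr -d ' '
}

# Print one line per problem; succeed only when there are none.
check_slapd_conf() {  # $1=config file, $2=user slapd runs as (-u)
    problems=0
    for d in TLSCertificateFile TLSCACertificateFile TLSCertificateKeyFile directory; do
        p=$(conf_value "$1" "$d")
        [ -n "$p" ] || continue                 # directive not set
        if [ ! -e "$p" ]; then
            echo "$d: $p does not exist"; problems=$((problems + 1)); continue
        fi
        case $d in
        TLSCertificateKeyFile)
            s=$(key_state "$p")
            [ "$s" = ok ] || { echo "$d: $p is $s"; problems=$((problems + 1)); } ;;
        directory)
            n=$(not_owned_by "$p" "$2")
            [ "$n" -eq 0 ] || { echo "$d: $n entries in $p not owned by $2"
                                problems=$((problems + 1)); } ;;
        esac
    done
    [ "$problems" -eq 0 ]
}
```

A result of "nokey" means the file named by TLSCertificateKeyFile contains no private key block, which is worth checking when that directive and TLSCertificateFile name the same file.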