[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS: private key mismatch Error (or problem)

To: Alvaro Poole <pulete@gmail.com>
Subject: Re: TLS: private key mismatch Error (or problem)
From: Peter Marschall <peter@adpm.de>
Date: Sat, 2 Jul 2005 11:46:45 +0200
Cc: OpenLDAP-software@OpenLDAP.org
Content-disposition: inline
In-reply-to: <184b6460050701164158faf3fb@mail.gmail.com>
Organization: ADPM
References: <184b6460050701164158faf3fb@mail.gmail.com>
User-agent: KMail/1.7.2

Hi,

On Saturday 02 July 2005 01:41, Alvaro Poole wrote:
> Hi, I´m having problems configuring Openldap with TLS/SSL. First of
> all, I´m trying to put a server certificate, so I create a certificate
> with OpenSSL with the next line:
>
> openssl req -newkey rsa:1024 -x509 -nodes -out ldapcert.pem -keyout
> ldapcert.pem -days 365
>
> After this, I configured my slapd.conf with the next lines (but
> before, I copied ldapcert.pem to slapd.conf directory):
>
> TLSCACertificateFile  ldapcert.pem
> TLSCertificadteFile   ldapcert.pem
> TLSCertificateKeyFile ldapcert.pem

Apart from the typo that Samuel Tra already reported, it may be a problem that 
you use the CA certificate as the server certificate.
IIRC OpenLDPA requires the server certificate to be different from the CA 
certificate.
The OpenLDAP FAQ gives more details about how to use TLS/SSL with OpenLDAP:

http://www.openldap.org/faq/index.cgi?_highlightWords=self%20signed&file=185

CU
PEter

-- 
Peter Marschall
eMail: peter@adpm.de

Follow-Ups:
- Re: TLS: private key mismatch Error (or problem)
  - From: Sameer N Ingole <strike@proscrutiny.com>
- Re: TLS: private key mismatch Error (or problem)
  - From: Howard Chu <hyc@symas.com>

References:
- TLS: private key mismatch Error (or problem)
  - From: Alvaro Poole <pulete@gmail.com>

Prev by Date: Re: smbk5pwd: pass change exop works, {K5KEY} check doesn't
Next by Date: Re: TLS: private key mismatch Error (or problem)
Index(es):
- Chronological
- Thread