Re: how to configure tls and ldap

[Andy Loughran <andy@zrmt.com>]

Alfonsas Stonis wrote:
> Hi,
>
> I am trying to configure openldap and tls
> I am following instructions however, I can not start slapd
> http://www.openldap.org/faq/data/cache/185.html
>
> My cn\=config.ldif
>
> olcTLSCACertificateFile: /etc/ldap/ssl/demoCA/cacert.pem
> olcTLSCertificateFile: /etc/ldap/ssl/newcert.pem
> olcTLSCertificateKeyFile: /etc/ldap/ssl/demoCA/newreq.pem
>
> root@axew0204:/home/alfas# /etc/init.d/slapd start
> Starting OpenLDAP: slapd - failed.
> The operation failed but no output was produced. For hints on what went
> wrong please refer to the system's logfiles (e.g. /var/log/syslog) or
> try running the daemon in Debug mode like via "slapd -d 16383" (warning:
> this will create copious output).
>
> Below, you can find the command line options used by this script to
> run slapd. Do not forget to specify those options if you
> want to look to debugging output:
>   slapd -g openldap -u openldap -F /etc/ldap/slapd.d/
> root@axew0204:/home/alfas#
>
>
> However there is nothing in log :(
>
> Dec 11 16:47:41 axew0204 slapd[434]: @(#) $OpenLDAP: slapd 2.4.11 (Oct
> 25 2008 00:04:08) $
> ^Ibuildd@yellow:/build/buildd/openldap-2.4.11/debian/build/servers/slapd
> Dec 11 16:47:41 axew0204 slapd[434]: main: TLS init def ctx failed: -34
> Dec 11 16:47:41 axew0204 slapd[434]: slapd stopped.
> Dec 11 16:47:41 axew0204 slapd[434]: connections_destroy: nothing to
> destroy.
>
> Any ideas???
>
> Thanks.
>
> Alfas
Dec 11 16:47:41 axew0204 slapd[434]: main: TLS init def ctx failed: -34

That would appear to be something in your log.