[Date Prev][Date Next]
Re: OpenLDAP with SSL
On Fri, 4 Dec 2009, Chamith Kumarage wrote:
> Hi Folks,
> I have setup openldap with SSL and i'm using self signed certs. I have
> included the following in my slapd.conf.
> TLSCipherSuite HIGH:MEDIUM:-SSLv2
> TLSCACertificateFile /etc/ldap/ssl/server.pem
> TLSCertificateFile /etc/ldap/ssl/server.pem
> TLSCertificateKeyFile /etc/ldap/ssl/server.pem
> TLSVerifyClient demand
> and in my ldap.conf I have;
> HOST <my_ip>
> PORT 636
> TLS_REQCERT /etc/ldap/ssl/server.pem
What slapd starting line (-h option) you've used? should be something like
"ldap://127.0.0.1:389/ ldaps://127.0.0.1:636/ ldapi:///"
E.g. in Debian it's configured via /etc/default/slapd file.