[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Mozilla NSS / OpenLdap 2.4.23 cert not readable?

>-----Original Message-----
>From: Rich Megginson [mailto:rich.megginson@gmail.com]
>> What am I missing?
>not sure - start slapd and add "-d 1" to your slapd argument list (see
>/etc/sysconfig/ldap?  or slapd? for the argument list)

Doesn't yield anything, or rather, the copious debugging information it prints doesn't show any failure except for "animal.clarku.edu is not readable by "ldap""

>Also, please confirm that you are running slapd as the userid "ldap" and that
>/etc/pki/nssdb is readable by "ldap".

- confirmed.  Slapd is running as userid ldap.
- /etc/pki/nssdb is readable by "ldap": "sudo -u ldap certutil -L -n animal.clarku.edu -d /etc/pki/nssdb/" works as expected.

Thanks for your time,