Le lun. 12 dÃc. 2011 22:20:14 CET, Quanah Gibson-Mount a Ãcrit :
--On Monday, December 12, 2011 9:55 PM +0100 rey sebastien <reyman64@gmail.com> wrote:IMHO i know this problem but i think this is better than nothing, and actually i have nothing. I wait for valid certificate... And sorry but your RTFM answer doesn't help me to resolve this problem with gnutls and debian, i take many hours to find a valid solution in my use case, and the manual doesn't help me particulary on this point. OpenLdap is a great software, but documentation it's a little "cryptic" for beginner like me, so i think it's easy to be rude with beginner on many points.You're using bad documentation from a questionable source, and are pointed at the correct documentation, and have an issue with that? That seems a little odd to me.
When i add TLSCACertificateFile attribute with correct path, openldap with gnutls don't re-start.. I'm ok with Raffael, it's probably a bad idea to use the debian package, but i need one day or more to understand why an "official" package from debian create all this configuration's problem.
If you want to use SSL/TLS, then
clearly you want a secure server. To blindly follow a guide that turns off all of those security features leaves you back at square one. If you don't understand the OpenLDAP documentation, then ask questions about it rather than falling back to something unreliable that's going to leave questionable state.This is why i'm register on this mailling list, with hope some answers or experiences of other members resolve/enlight my beginner problems :) There a lot and a lot of old documentation for openLdap, with old slapd.conf configuration, old generation of certificates, incompatibility between certificate gnutls and openssl ..
It's not easy to find the right and exhaustive documentation ..
--Quanah -- Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration