[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Mozilla NSS / OpenLdap 2.4.23 cert not readable?

On 12/12/2011 01:16 PM, Aaron Bennett wrote:
-----Original Message-----
From: Rich Megginson [mailto:rich.megginson@gmail.com]
What am I missing?
not sure - start slapd and add "-d 1" to your slapd argument list (see
/etc/sysconfig/ldap?  or slapd? for the argument list)
Doesn't yield anything, or rather, the copious debugging information it prints doesn't show any failure except for "animal.clarku.edu is not readable by "ldap""
That's really strange.  I'd like to take a look at that output.
Also, please confirm that you are running slapd as the userid "ldap" and that
/etc/pki/nssdb is readable by "ldap".
- confirmed.  Slapd is running as userid ldap.
- /etc/pki/nssdb is readable by "ldap": "sudo -u ldap certutil -L -n animal.clarku.edu -d /etc/pki/nssdb/" works as expected.

Thanks for your time,