Re: Slapd TLS issue

[Eric Falbe <ericf706@gmail.com>]

Yes, the openldap rpm was just updated, but it did not take effect until the slapd deamon was restarted.  I have not explicitly tried to use the  Mozilla NSS database, I did not use the TLSCADIR(?) attribute and instead used:

olcTLSCertificateFile , olcTLSCertificateKeyFile, and olcTLSCACertificateFile.

I will look into that bug and the documentation you pointed me at.

Thanks

Eric Falbe

On Thu, Mar 6, 2014 at 5:29 PM, Terje Trane <terjet@funcom.com> wrote:

On 05.03.2014 22:27, Eric Falbe wrote:

I have attempted to rebuild the database backend (with slapcat and slapadd), but am still getting this same error.  I have my ssl (self-signed) certificates located in /etc/pki/tls/certs/ldap.cassens.com.pem /etc/pki/tls/tls/certa/ca.pem /etc/pki/tls/private/ldap.cassens.comKey.pem

These certificates worked fine up untill today, does anyone have any insight on where to look to being troubleshooting this issue?

Just a guess, but was the openldap rpm just updated? (or the service just restarted for the first time after a previous update).

Could this be related to RedHat/CentOS rpms deciding to start using GnuTLS instead of OpenSSL? Try searching in their bug databases.

E.g.: https://bugzilla.redhat.com/show_bug.cgi?id=707599

---
This email is free from viruses and malware because avast! Antivirus protection is active.
http://www.avast.com