[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: openldap-technical Digest, Vol 97, Issue 15

On Thu, Dec 17, 2015 at 06:02:02PM +0300, Andrei Valoshyn wrote:
In debug slapd -d -1 output I saw that ldap is trying to load from /etc/ldap/slap.d/ directory although i had put "SLAPD_CONF=/etc/ldap/slapd.conf" to /etc/default/slapd. After I clean up /etc/ldap/slap.d/ directory ldap starting load db and schema, but still can't start with error:
TLS: could not set cipher list HIGH:+TLSv1:+SSLv2:+SSLv3.
56728db6 main: TLS init def ctx failed: -1
56728db6 slapd destroy: freeing system resources.
56728db6 syncinfo_free: rid=115
56728db6 slapd stopped.
56728db6 connections_destroy: nothing to destroy.
When I try "openssl ciphers -v HIGH:+TLSv1:+SSLv2:+SSLv3" it's work fine without any error

Which TLS library is your slapd linked against? The cipher strings for OpenSSL are very different, for example, for the priority strings for GnuTLS.