[Date Prev][Date Next]
Re: openldap-technical Digest, Vol 97, Issue 15
- To: firstname.lastname@example.org
- Subject: Re: openldap-technical Digest, Vol 97, Issue 15
- From: Andrei Valoshyn <email@example.com>
- Date: Fri, 18 Dec 2015 16:38:15 +0300
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=exadel.com; s=google; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-type; bh=j3prJyScpk2nktuhSCKManQi8vSnCQEmCgBr7cj5XX0=; b=hrykCmIeEeIzfGm8EVPveqhfENybEjCEW+35ZtcUA/V1ZPDaDCRy0v6noOwmVKBYIG yGZllo5MQiDUi5zDdEbxB/fGdXSoTdSyejZc4uM/dB7zxeSIuKqBGOe/ETIg25BC4e4F RoJr76fQV9plyIv6N8SbLgyUYKh2sYx5ddqWc=
- In-reply-to: <20151217161425.GA21800@comet>
- References: <firstname.lastname@example.org> <5672CE6A.email@example.com> <20151217161425.GA21800@comet>
- User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0
On 12/17/2015 07:14 PM, Ryan Tandy wrote:
On Thu, Dec 17, 2015 at 06:02:02PM +0300, Andrei Valoshyn wrote:
In debug slapd -d -1 output I saw that ldap is trying to load from
/etc/ldap/slap.d/ directory although i had put
"SLAPD_CONF=/etc/ldap/slapd.conf" to /etc/default/slapd. After I
clean up /etc/ldap/slap.d/ directory ldap starting load db and
schema, but still can't start with error:
TLS: could not set cipher list HIGH:+TLSv1:+SSLv2:+SSLv3.
56728db6 main: TLS init def ctx failed: -1
56728db6 slapd destroy: freeing system resources.
56728db6 syncinfo_free: rid=115
56728db6 slapd stopped.
56728db6 connections_destroy: nothing to destroy.
When I try "openssl ciphers -v HIGH:+TLSv1:+SSLv2:+SSLv3" it's work
fine without any error
Which TLS library is your slapd linked against? The cipher strings for
OpenSSL are very different, for example, for the priority strings for
Issue was fixed. I have incorrect ssl certificates.
With Best Wishes
CONFIDENTIALITY NOTICE: This email and files attached to it are
confidential. If you are not the intended recipient you are hereby notified
that using, copying, distributing or taking any action in reliance on the
contents of this information is strictly prohibited. If you have received
this email in error please notify the sender and delete this email.