Hello, all. Happy 2017
From the years 2009 to 2012 I've administrate as OpenLDAP cluster using SSL configurations, something like that:
backend hdb
sizelimit unlimited
allow bind_v2
concurrency 100
TLSCipherSuite HIGH:MEDIUM:+SSLv2
TLSCACertificateFile: /etc/ssl/certs/ca_server.pem
TLSCertificateFile: /etc/ssl/certs/ldap_server.pem
TLSCertificateKeyFile: /etc/ssl/private/ldap_server.key
TLSVerifyClient never
access to attrs=userPassword by anonymous auth by self write by * none
access to * by self write by * none
loglevel 3
# Database configuration
database hdb
suffix "dc=example,dc=com"
This year I'll start to admin another cluster, now installed in Ubuntu 16.04 using:
slapd/xenial-updates,now 2.4.42+dfsg-2ubuntu3.1 amd64 [installed]
OpenLDAP server (slapd)
If I remove TLS directives from slapd.conf, the server runs fine but, of course, just using LDAP protocol without any kind of cryptography. Using the TLS directives, I always have the error
/etc/ldap/slapd.conf: line 27: unknown directive <TLSCertificateFile:> outside backend info and database definitions.
I did research in Google and read man 5 slapd.conf and I GUESS directives are in the right place in slapd.conf.
Anybody face this error recently and can help me with some tips?
Thanks in advance
--