[SLE] openldap and tls
From: HK (thelistbox_at_yahoo.com)
Date: Tue, 22 Feb 2005 22:26:35 -0800 (PST)
To: email@example.com
Has anyone gotten this to work? I've spent _HOURS_ over several days trying.
SuSE 9.2 PRO
Create my own CA key and self-signed cert.
Create key and cert for ldap.server.net.
This matches hostname -f
Sign ldap.server.net.pem cert with CA cert.
Use openssl verify to check ldap.server.net.pem against ca.pem. OK.
Add the following to /etc/openldap/slapd.conf:
Add the following to /etc/openldap/ldap.conf:
Try to start slapd with:
slapd -d 1
TLS: private key mismatch
TLS: error:140A80B1:SSL routines:SSL_CTX_check_private_key:no certificate assigned
main: TLS init def ctx failed: -1
slapd starts as long as either TLSACACertificateFile or TLSCertificateKeyFile is
commented out in slapd.conf.
I've made sure ldap is owner and group of /etc/openldap/certs and
Have gone thru key and cert creation process several times for CA and server.
Since the server cert verifies OK - maybe I have something wrong with the server key
or in a config file somewhere.
But what or where?
Any suggestions would be greatly appreciated.
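An added example, not part of the original post: `openssl verify` only checks that the certificate chains to the CA, while the "TLS: private key mismatch" error comes from comparing the certificate with the configured key file, so a certificate can verify OK and still be paired with the wrong key. The script below builds a throwaway CA and server certificate and compares public keys directly; the file names, the "Demo CA" subject and the unrelated `stale.key` are constructed for the demonstration.

```shell
#!/bin/sh
# Added example. File names, subjects and the "stale" key are constructed.

# SHA-256 over the PEM public key carried in a certificate.
cert_pubkey_hash() {
    pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    printf '%s\n' "$pub" | openssl dgst -sha256 | awk '{print $NF}'
}

# SHA-256 over the PEM public key derived from a private key.
key_pubkey_hash() {
    pub=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 1
    printf '%s\n' "$pub" | openssl dgst -sha256 | awk '{print $NF}'
}

# 0 = key belongs to cert, 1 = mismatch, 2 = a file could not be parsed.
key_matches_cert() {
    cert_h=$(cert_pubkey_hash "$1") || return 2
    key_h=$(key_pubkey_hash "$2") || return 2
    [ "$cert_h" = "$key_h" ]
}

# Chain check only: is the certificate signed by this CA? No key involved.
chain_ok() { openssl verify -CAfile "$1" "$2" >/dev/null 2>&1; }

# Throwaway CA, a server key/cert signed by it, and an unrelated key.
make_demo_pki() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Demo CA" \
        -keyout "$1/ca.key" -out "$1/ca.pem" 2>/dev/null || return 1
    openssl req -newkey rsa:2048 -nodes -subj "/CN=ldap.server.net" \
        -keyout "$1/server.key" -out "$1/server.csr" 2>/dev/null || return 1
    openssl x509 -req -in "$1/server.csr" -CA "$1/ca.pem" -CAkey "$1/ca.key" \
        -CAcreateserial -days 1 -out "$1/server.pem" 2>/dev/null || return 1
    openssl genrsa -out "$1/stale.key" 2048 2>/dev/null
}

demo=$(mktemp -d) && make_demo_pki "$demo" || exit 1
chain_ok "$demo/ca.pem" "$demo/server.pem" && echo "verify against CA: OK"
for f in server.key stale.key; do
    if key_matches_cert "$demo/server.pem" "$demo/$f"; then
        echo "$f: matches server.pem"
    else
        echo "$f: does NOT match server.pem"
    fi
done
rm -rf "$demo"
```

Running `key_matches_cert` against the files actually named in slapd.conf shows whether the configured key is the one the certificate was issued for.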