Full_Name: Warron French
Version: 2.4.38 LTB Project
Submission from: (NULL) (184.108.40.206)
Developers, please help:
I am running CentOS-6.5 (on all machines in my little lab) and attempting to
set up an LDAP server for user-account authentication, which requires TLS. My
CentOS-6.5 machines are all running kernel 2.6.32-431.3.1.el6.x86_64. Also, the
version of OpenLDAP I am running, based on a suggestion from a user, is
LTB-Project.org's OpenLDAP-2.4.38, because the version that came natively
available with CentOS-6.5's repos was a very old 2.4.23.
I am writing a document in order to successfully repeat the build/configuration
steps from my lab and lessons learned into a production system.
The following is where I am...
I am still having problems with adding (via .ldif file) the following LDIF file
contents of /tmp/LDAP-CONFIG-TLS.ldif:
olcTLSCipherSuite: TLSv1+RSA:\!EXP:\!MD5:\!NULL
(<- not sure if that argument is valid for that CipherSuite selection either)
I use the following ldapmodify command:
ldapmodify -x -D "cn=admin,cn=config" -W -f /tmp/LDAP-CONFIG-TLS.ldif
Because I have debugging turned up (to -d 32768), the results now look like:
modifying entry "cn=config"
52e68423 connection_input: conn=1000 deferring operation: binding
slapd: result.c:813: slap_send_ldap_result: Assertion `!((rs->sr_err)<0)'
ldap_result: Can't contact LDAP server (-1)
I saw a thread on openldap.org
on the following link,
, that has the
exact same error. I can see that Howard Chu from Symas fixed the problem for
Symas. Did LTB Project fix this problem? I cannot find any threads via
web search for this issue.
My /var/log/openldap.log file does not show anything extra. In fact a tail of
the log file doesn't even show any errors really.
What do I need to do in order to get my LDAP running with TLS?
Thank you for any help, I am losing my sanity.