Antonio Camacho wrote, on 10. apr 2007 17:20:
[...]
My slapd.conf configuration: # TLSCipherSuite HIGH:MEDIUM:+SSLv2:RSA TLSCertificateFile /etc/openldap/cacerts/master.pem TLSCertificateKeyFile /etc/openldap/cacerts/master- key.pem TLSCACertificateFile /etc/openldap/cacerts/cacert.pem
Don't use this:
TLSVerifyClient demand #
My ldap.conf configuration: # Base=mydomain SIZELIMIT 0 TIMELIMIT 0
TLS_CACERT /etc/openldap/cacerts/cacert.pem
Don't use these:
TLS_CERT /etc/openldap/cacerts/master.pem TLS_KEY /etc/openldap/cacerts/master-key.pem TLS_REQCERT demand
My .ldaprc configuration:
~/.ldaprc is redundant; scrap it.
# TLS_CACERT /etc/openldap/cacerts/cacert.pem TLS_CERT /etc/openldap/cacerts/master.pem TLS_KEY /etc/openldap/cacerts/master-key.pem TLS_REQCERT demand
For the rest things look ok.
--Tonni