Philip Bellino wrote:
Hello, Running openldap -2-3-32 with SLAPD on a linux server. Also running openldap-2-3.32 on a linux client.
slapd.conf includes:
TLSCipherSuite HIGH:MEDIUM:+SSLv2 TLSCACertificateFile /usr/local/etc/openldap/cacert.pem TLSCertificateFile /usr/local/etc/openldap/servercert.pem TLSCertificateKeyFile /usr/local/etc/openldap/newkey.pem TLSVerifyClient never (or allow)
Issue1: Here is the debug output from the openldap code if the ldap.conf file has the following in it when I try authentication:
TLS_CACERT cacert.pem TLS_CACERTDIR /usr/local/etc/openldap/
All of the TLS cert-related directives take fully qualified pathnames. There is no relation between TLS_CACERT and TLS_CACERTDIR, just put the full path the cacert.pem in TLS_CACERT. Read the Admin Guide, Chapter 12.
Can anyone tell me why I get this error?
Any help would be most appreciated. Thanks, Phil Bellino ============================ Phil Bellino MRV Communications, Inc. Boston Product Division 295 Foster St. Littleton,MA 01460 Tel: (978)952-4807 Email: pbellino@mrv.com ============================