I'm running a non-production 2.3.27 slapd server on my home network. I had to transfer it to another machine so I copied the conf file & database files to the new machine. Before starting the service I edited the slapd.conf to comment out the TLS entries since I hadn't installed openssl & the cert yet.
When I started slapd, it immediately stopped and I received the dreaded "main: TLS init def ctx failed: -1". I remembered having this issue when I was trying to get TLS running. So I ran strace (I'm running Linux 2.6.x) and finally found this:
open("/etc/ssl/myca/cacert.pem", O_RDONLY|O_LARGEFILE) = -1 ENOENT (No such file or directory)
I was a bit confused and rechecked to make sure I had indeed commented out all the lines and that slapd was referencing the correct conf file. All was correct.
On a lark, I took a look at ldap.conf which I had copied from my old server as well. It still had
TLS_CACERT /etc/ssl/myca/cacert.pem
TLS_REQCERT allow
As soon as I commented out those lines, slapd started and stayed running.
Can someone help me understand the relationship between slapd and the ldap.conf file? I thought that was the client conf file.
Thanks!
\Greg
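
Added example, not part of the original post: a check for the failure traced above, where an uncommented TLS path directive names a file that is missing on the new machine. It scans whichever config files it is given (both slapd.conf and ldap.conf, since the strace output shows slapd opening the path named in ldap.conf); the function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): report TLS path directives in
# OpenLDAP config files whose target does not exist on this machine.

# missing_tls_paths FILE...
# Prints "file:line:directive:path" for each uncommented directive that names
# a missing path. Assumes unquoted paths without spaces.
missing_tls_paths() {
    for conf in "$@"; do
        [ -r "$conf" ] || continue
        awk '
            /^[ \t]*#/ { next }                      # skip commented-out lines
            NF >= 2 {
                key = tolower($1)                    # keywords are case-insensitive
                # ldap.conf (client library) and slapd.conf (server) spellings
                if (key ~ /^(tls_cacert|tls_cacertdir|tls_cert|tls_key)$/ ||
                    key ~ /^(tlscacertificatefile|tlscacertificatepath)$/ ||
                    key ~ /^(tlscertificatefile|tlscertificatekeyfile)$/)
                    print NR ":" $1 ":" $2
            }' "$conf" |
        while IFS=: read -r lineno directive path; do
            [ -e "$path" ] || echo "$conf:$lineno:$directive:$path"
        done
    done
}

# demo: constructed files mirroring the post. slapd.conf has its TLS lines
# commented out, while the copied ldap.conf still names a CA file that was
# never installed on the new machine.
demo() {
    dir=$(mktemp -d)
    cat > "$dir/slapd.conf" <<EOF
# TLSCACertificateFile $dir/myca/cacert.pem
# TLSCertificateFile $dir/myca/servercrt.pem
EOF
    cat > "$dir/ldap.conf" <<EOF
# constructed sample
BASE dc=example,dc=com
TLS_CACERT $dir/myca/cacert.pem
TLS_REQCERT allow
EOF
    missing_tls_paths "$dir/slapd.conf" "$dir/ldap.conf"
    rm -rf "$dir"
}

demo
```

Run `missing_tls_paths` against the real slapd.conf and ldap.conf before starting slapd on a migrated host; any line it prints is a path the TLS setup will fail to open.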