Hello,
I just upgraded to Debian 4.0 and OpenLDAP 2.3.30 and have some problems starting slapd afterwards.
With TLS enabled I get this output in syslog when running /etc/init.d/slapd start:
Aug 10 10:27:43 localhost slapd[10057]: daemon: IPv6 socket() failed errno=97 (Address family not supported by protocol) Aug 10 10:27:43 localhost slapd[10057]: /etc/ldap/slapd.access: line 11: rootdn is always granted unlimited privileges. Aug 10 10:27:46 localhost slapd[10057]: main: TLS init def ctx failed: -1 Aug 10 10:27:46 localhost slapd[10057]: slapd stopped. Aug 10 10:27:46 localhost slapd[10057]: connections_destroy: nothing to destroy.
If I disable TLS slapd starts without any errors. Any clue what the "main: TLS init def ctx failed:" means is appreciated.
Thanks,
Erling
--On August 10, 2007 10:36:42 AM +0200 Erling Ringen Elvsrud systemansvarlig@vagaungdomsskule.no wrote:
Hello,
I just upgraded to Debian 4.0 and OpenLDAP 2.3.30 and have some problems starting slapd afterwards.
With TLS enabled I get this output in syslog when running /etc/init.d/slapd start:
Aug 10 10:27:43 localhost slapd[10057]: daemon: IPv6 socket() failed errno=97 (Address family not supported by protocol) Aug 10 10:27:43 localhost slapd[10057]: /etc/ldap/slapd.access: line 11: rootdn is always granted unlimited privileges. Aug 10 10:27:46 localhost slapd[10057]: main: TLS init def ctx failed: -1 Aug 10 10:27:46 localhost slapd[10057]: slapd stopped. Aug 10 10:27:46 localhost slapd[10057]: connections_destroy: nothing to destroy.
If I disable TLS slapd starts without any errors. Any clue what the "main: TLS init def ctx failed:" means is appreciated.
It almost always means either the cert/key pointed to in slapd.conf doesn't exist, or is not readable by the slapd user.
--Quanah
-- Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration
Erling Ringen Elvsrud systemansvarlig@vagaungdomsskule.no writes:
I just upgraded to Debian 4.0 and OpenLDAP 2.3.30 and have some problems starting slapd afterwards.
Debian runs slapd as the openldap user by default. Make sure that user can read your TLS keys and the relevant configuration files or modify /etc/default/slapd to run the server as root if you prefer.
openldap-software@openldap.org
-
Erling Ringen Elvsrud -
Quanah Gibson-Mount -
Russ Allbery