Hi,
Thanks for replay. I copied them to this directory. There should be no problems with permissions. The thing is that when I first got error message I changed permission to by giving all rights to everyone. It did not changed a thing.
Alfas
2008/12/11 Markus Wernig listener@wernig.net
Hi
You have either
- set permissions on the certificates/keys that do not allow slapd to read
them (check also directory permissions). or
- /etc/ldap/ssl/demoCA/newreq.pem is not a RSA private key. This depends on
how you created your certificate. If you followed the instructions in http://www.openldap.org/faq/data/cache/185.html, you should have your certificates and keys in a separate folder. The demoCA component in your path names shows that you seem to have created the CA under /etc/ldap/ssl/demoCA, which was probably not what you wanted (hint: don't run CA.sh from /etc/ldap/ssl).
Please follow the instructions more closely and locate the following three files and verify that slapd has read access to them:
- CA certificate
- slapd's private key
- slapd's certificate
kind regards /markus
Alfonsas Stonis wrote:
Dec 11 16:47:41 axew0204 slapd[434]: main: TLS init def ctx failed: -34
openldap-software@openldap.org