From: Quanah Gibson-Mount quanah@zimbra.com
To: Brian Empson brian_empson@yahoo.com; openldap-technical@openldap.org
I'm having an issue starting up slapd with TLS enabled. I tried to search
for the error code but I couldn't find any GnuTLS error codes that match.
Here are the log entries that appear:
Sep 25 21:07:05 dir0 slapd[15018]: main: TLS init def ctx failed: -1
95% of the time, this means slapd can't access the files you have specified. This could be blocked by things like AppArmor in addition to file/directory permissions. At a guess, your permissions on /etc/openldap/ssl are wrong, as it is missing "x".
I would suggest you try reading the various files "as" the _openldap user using sudo.
In your first mail I can see that you have
[09/25/12 9:16PM][root@dir0 /etc/openldap]# ls -lah ssl
total 12
drw------- 2 _openldap _openldap 512B Sep 25 19:59 .
I don't see the x permission; that could mean that the _openldap user cannot enter the directory. Moreover, the permissions for other files (rwxrwxrwx or rw-r--r--) could be improved.
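
Added example, not part of the thread: a static check of the point made in the replies, walking every directory above a TLS file and reporting where a given user lacks x (search) or r (read). It models only classic mode bits (no ACLs, AppArmor or root bypass); the function names and the file name `server.crt` are assumptions, and the directory layout is constructed to reproduce the `drw-------` mode from the listing.

```python
import os
import tempfile

def mode_allows(mode, owner_uid, owner_gid, uid, gids, bit):
    """Classic Unix check: pick the owner, group or other class, then test one
    bit (4 = r, 1 = x). ACLs, AppArmor and root's bypass are not modelled."""
    if uid == owner_uid:
        shift = 6
    elif owner_gid in gids:
        shift = 3
    else:
        shift = 0
    return bool((mode >> shift) & bit)

def check_access(path, uid, gids):
    """List (component, problem) pairs that stop `uid` from reading `path`."""
    path = os.path.abspath(path)
    chain, current = [os.sep], os.sep
    for part in path.strip(os.sep).split(os.sep):
        current = os.path.join(current, part)
        chain.append(current)
    problems = []
    for comp in chain:
        try:
            st = os.stat(comp)
        except OSError as exc:  # we cannot look further down ourselves
            problems.append((comp, "cannot stat: " + str(exc.strerror)))
            break
        is_target = comp == path
        bit, what = (4, "r (read)") if is_target else (1, "x (search)")
        if not mode_allows(st.st_mode, st.st_uid, st.st_gid, uid, gids, bit):
            problems.append((comp, "missing " + what + " for this user"))
    return problems

def demo():
    """Constructed layout: ssl/ is drw------- as in the listing, cert is rw-r--r--."""
    with tempfile.TemporaryDirectory() as top:
        ssl_dir = os.path.join(top, "ssl")
        os.mkdir(ssl_dir, 0o700)
        cert = os.path.join(ssl_dir, "server.crt")  # hypothetical file name
        with open(cert, "w") as fh:
            fh.write("constructed placeholder, not a real certificate\n")
        os.chmod(cert, 0o644)
        os.chmod(ssl_dir, 0o600)  # drop x, reproducing the reported mode
        try:
            return check_access(cert, os.getuid(), set(os.getgroups()) | {os.getgid()})
        finally:
            os.chmod(ssl_dir, 0o700)  # restore so the temp dir can be removed

if __name__ == "__main__":
    for comp, problem in demo():
        print(comp, "->", problem)
```

To check a real deployment, call `check_access` with the service account's uid and group ids (for example from `pwd.getpwnam`) on each file named in the TLS settings.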