On Mon, Mar 12, 2012 at 9:41 PM, Quanah
Gibson-Mount
<quanah@zimbra.com>
wrote:
--On Monday, March 12, 2012 6:52 PM -0700
Peter Wood <
peterwood.sd@gmail.com>
wrote:
Hi,
I setup openldap-2.4.23 server
Why? I'd suggest you start with the current release, 2.4.30.
You may also want to look at <http://www.openldap.org/its/index.cgi/?findid=7197>
That's the openldap version in centos6.2 repo. In
production I try to stick with stock versions.
Also I tried all variations of olcTLSVerifyClient:
[demand|hard|true] with the same result.
I don't think StartTLS is enabled. I'm
wondering if just setting olcTLSCACertificateFile, olcTLSCertificateFile and olcTLSCertificateKeyFile
is enough to get StartTLS enabled.