2009/12/4 Chamith Kumarage gnu.chami@gmx.net:
Hi Folks,
I have set up OpenLDAP with SSL and I'm using self-signed certs. I have included the following in my slapd.conf.
TLSCipherSuite HIGH:MEDIUM:-SSLv2
If you are using Debian see this - http://wiki.debian.org/LDAP/OpenLDAPSetup
TLSCACertificateFile /etc/ldap/ssl/server.pem
TLSCertificateFile /etc/ldap/ssl/server.pem
TLSCertificateKeyFile /etc/ldap/ssl/server.pem
TLSVerifyClient demand
and in my ldap.conf I have;
HOST <my_ip>
PORT 636
TLS_REQCERT /etc/ldap/ssl/server.pem
When I start the service, I see port 636 is up and I can even telnet to it. But I cannot perform any LDAP operations there.
Any help would be appreciated!
Thanks, ~Chamith