Hey guys,

I have these options set for SSL in my cn=config setup:

[root@ldap1:~] #ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config|grep ssl
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
olcTLSCACertificateFile: /etc/ssl/certs/ldap-ca-cert.pem
olcTLSCertificateFile: /etc/ssl/certs/ldap-server.crt
olcTLSCertificateKeyFile: /etc/ssl/certs/ldap-server.key

And I want to change the settings to the contents of this ldif file:

[root@ldap1:~] #cat addcerts.ldif
dn: cn=config
changetype: modify
add: olcTLSCACertificateFile
olcTLSCACertificateFile: /etc/pki/CA/certs/ca.crt
-
add: olcTLSCertificateFile
olcTLSCertificateFile: /etc/ldap/ssl/ldap1.example.com.crt
-
add: olcTLSCertificateKeyFile
olcTLSCertificateKeyFile: /etc/ldap/ssl/ldap1.example.com.key

But when I try to do that I get an error:


[root@ldap1:~] #ldapmodify -H ldapi:// -Y EXTERNAL -f addcerts.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
Segmentation fault (core dumped)

I wonder if I could be running low on memory: 

[root@ldap1:~] #free -m
             total       used       free     shared    buffers     cached
Mem:           992        815        177         10        140        445
-/+ buffers/cache:        229        762
Swap:            0          0          0

Could this be causing the error? How can I make this change without encountering the segmentation fault?

Thanks,
Tim


--
GPG me!!

gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B