Hey guys,
I have these options set for SSL in my cn=config setup:
[root@ldap1:~] #ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config|grep ssl
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
olcTLSCACertificateFile: /etc/ssl/certs/ldap-ca-cert.pem
olcTLSCertificateFile: /etc/ssl/certs/ldap-server.crt
olcTLSCertificateKeyFile: /etc/ssl/certs/ldap-server.key
And I want to change the settings to the contents of this ldif file:
[root@ldap1:~] #cat addcerts.ldif
dn: cn=config
changetype: modify
add: olcTLSCACertificateFile
olcTLSCACertificateFile: /etc/pki/CA/certs/ca.crt
-
add: olcTLSCertificateFile
olcTLSCertificateFile: /etc/ldap/ssl/ldap1.example.com.crt
-
add: olcTLSCertificateKeyFile
olcTLSCertificateKeyFile: /etc/ldap/ssl/ldap1.example.com.key
But when I try to do that I get an error:
[root@ldap1:~] #ldapmodify -H ldapi:// -Y EXTERNAL -f addcerts.ldif
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
Segmentation fault (core dumped)
I wonder if I could be running low on memory:
[root@ldap1:~] #free -m
total used free shared buffers cached
Mem: 992 815 177 10 140 445
-/+ buffers/cache: 229 762
Swap: 0 0 0
Could this be causing the error? How can I make this change without encountering the segmentation fault?
Thanks,
Tim
--