So, have most/all of my TLS problems been because I'm not using the correct command to start slapd?
Here is the command I've been using:
/usr/local/libexec/slapd -F /usr/local/etc/slapd.d -s 1 -h "ldap:/// ldaps:///"
What command should I use if I want slapd to read the TLS values from /usr/local/etc/openldap/slapd.conf?
Thanks
tl
-----Original Message-----
From: Ryan Tandy ryan@nardis.ca
Sent: Friday, May 12, 2023 8:40 PM
To: Lemons, Terry
Cc: openldap-technical@openldap.org
Subject: Re: Debugging TLS negotiation failure
On Fri, May 12, 2023 at 07:19:42PM +0000, Lemons, Terry wrote:
> /usr/local/libexec/slapd -F /usr/local/etc/slapd.d -s 1 -h "ldap:/// ldaps:///"

This says to use the config database (not file) located at /etc/ldap/slapd.d

> slapd IS reading the /usr/local/etc/openldap/slapd.conf, right?

Not if the command line you wrote above is accurate. (Unless there's a file-to-database conversion happening that you didn't mention.)