Re: Reg OpenLdap on Ubuntu

How did you create the certificates? Can slapd read them? On Fri, Jul 10, 2009 at 5:00 AM, Asimananda Mohanty < asimananda.mohanty(a)gmail.com&gt; wrote: > Hi All, > > I am currently busy configuring OpenLdap on my newly installed Ubuntu > 9.04. > > Here is what I have done till now. > > I followed the steps defined in > https://help.ubuntu.com/8.10/serverguide/C/openldap-server.html and > installation was successful. I installed PhpLdapAdmin also. > > After I created certificate, key etc, I created a .ldif file > (enable-ca.ldif) with the following content : > > *dn: cn=config > add: olcTLSCACertificateFile > olcTLSCACertificateFile: /etc/ssl/certs/cacert.pem > - > add: olcTLSCertificateFile > olcTLSCertificateFile: /etc/ssl/certs/server.crt > - > add: olcTLSCertificateKeyFile > olcTLSCertificateKeyFile: /etc/ssl/private/server.key* > > Then I executed the command : > > *ldapmodify -D "cn=admin,cn=config" -x -w 12345678 -f enable-ca.ldif* > > and it was a success. > > But after this, when I tried to restart slapd, I got errors like the > following : > > *main: TLS init def ctx failed: -1* > > I noticed that after I executed "ldapmodify -D "cn=admin,cn=config" -x -w > 12345678 -f enable-ca.ldif", 3 lines are added to /etc/ldap/slapd.d/cn=config.ldif > and when I commented the last two lines like the following, slapd started > successfully. > > *olcTLSCACertificateFile: /etc/ssl/certs/cacert.pem > #olcTLSCertificateFile: /etc/ssl/certs/server.crt > #olcTLSCertificateKeyFile: /etc/ssl/private/server.key* > > This looks quite strange. > > Please help me resolving the same. > > -Asimananda >