Stefan Kania wrote:
Syntax error? Open your file with vi and do a "set: list" and you will see additional blanks and tabstops.
Am 13.12.23 um 14:28 schrieb Jean-Luc Chandezon:
You are missing "changetype: modify"
this is how it should look
dn: cn=config changetype: modify add: olcTLSCertificateFile olcTLSCertificateFile: /opt/symas/etc/openldap/example-net-cert.pem
add: olcTLSCertificateKeyFile olcTLSCertificateKeyFile: /opt/symas/etc/openldap/example-net-key.pem
add: olcTLSCACertificateFile olcTLSCACertificateFile: /opt/symas/etc/openldap/cacert.pem
Stefan
Thank you Stefan! Sorry for the mistake due to last changes.
Our ldf file content is:
dn: cn=config changetype: modify add: olcTLSCACertificateFile olcTLSCACertificateFile: /etc/ssl/certs/LEXP_Infra_CA1.pem
add: olcTLSCertificateKeyFile olcTLSCertificateKeyFile: /etc/ssl/private/annuaire.lexp.fr.key
add: olcTLSCertificateFile olcTLSCertificateFile: /etc/ssl/certs/annuaire.lexp.fr.pem
with the request: ldapmodify -Y EXTERNAL -H ldapi:/// -f /root/01-SSL.ldif result: modifying entry "cn=config" ldap_modify: Other (e.g., implementation specific) error (80)
Any idea?
Please find log content bellow
023-12-13T14:26:31.500282+01:00 bea-chicago slapd[63531]: #011#011one value, length 33 2023-12-13T14:26:31.500380+01:00 bea-chicago slapd[63531]: #011add: olcTLSCertificateKeyFile 2023-12-13T14:26:31.500452+01:00 bea-chicago slapd[63531]: #011#011one value, length 37
As always - set a higher debug level and examine the debug output. Not the syslog output. syslog is for recording routine operation, not for isolating problems. Use the debug output for troubleshooting.