Frederik Bosch frederik.bosch@gmail.com writes:
Compiling 2.4.17 with OpenSSL was more succesful than on 2.4.11. I think that's a Debian issue. Anyway, I have my server up and running! Thanks a lot Dieter for answering all my questions.
But I have a minor question left. Each time I restart slapd I have to enter the PEM pass phrase. Is there a way to remember or not prompt for the passphrase?
extract the password from the certificate openssl rsa -in certificate.pem -out some-key.pem
-Dieter
On 08/31/2010 12:15 PM, Frederik Bosch wrote:
In that case. I'd go for recompiling with openssl. I already tried, but that gave me following error.
Could not locate TLS/SSL package.
Of course, I also googled that. I think I need to point where to find the OpenSSL library.
dpkg -L openssl says
/usr/lib/ssl /usr/lib/ssl/misc /usr/lib/ssl/misc/c_info /usr/lib/ssl/misc/CA.sh /usr/lib/ssl/misc/c_hash /usr/lib/ssl/misc/c_name /usr/lib/ssl/misc/c_issuer /usr/lib/ssl/misc/CA.pl
So I tried to do
env CPPFLAGS="-I/usr/lib/ssl" LDFLAGS="-L/usr/lib/ssl"
before configure but no success. By the way, this is first time I try to compile something and I do it with debuild -us -uc.
On 08/31/2010 11:05 AM, Frederik Bosch wrote:
After getting my ACL right (thanks Dieter!), I have problems installing an official certificate. I bought a certificate at RapidSSL. Starting slapd gives me the following error.
TLS init def ctx failed: -69
This error is thrown in openldap 2.4.17. Since I am on debian, slapd is compiled against GnuTLS. When I was using 2.4.11 I had another error:
TLS init def ctx failed: -207
When I had a self-signed certificate I had no trouble. What could be wrong?