On Thu, 6 Mar 2014, Eric Falbe wrote:
Does anyone know where the database in the message: TLS: error: the certificate '/etc/pki/tls/certs/ldap. cassens.com.pem' could not be found in the database - error -12285:Unable to find the certificate or key necessary for authentication
Is located at and how I might rebuild it?
That error is specific to when openldap is built against Mozilla NSS, so the centos-supplied binary you're using obviously links to that. Did you follow the NSS-specific instructions in the slapd-config(5) manpage? For example: olcTLSCertificateFile: <filename> Specifies the file that contains the slapd server certificate.
When using Mozilla NSS, if using a cert/key database (specified with olcTLSCACertificatePath), olcTLSCertificateFile specifies the name of the certificate to use: olcTLSCertificateFile: Server-Cert If using a token other than the internal built in token, specify the token name first, followed by a colon: olcTLSCertificateFile: my hardware device:Server-Cert Use certutil -L to list the certificates by name: certutil -d /path/to/certdbdir -L
Philip Guenther