Thank you, Michael. That helps. I think I found what I was looking for here:
https://wiki.debian.org/LDAP/OpenLDAPSetup
Specifically, the attributes to add to an LDIF to specify the location of the certificate files:
dn: cn=config add: olcTLSCACertificateFile olcTLSCACertificateFile: /etc/ssl/certs/cacert.pem - add: olcTLSCertificateKeyFile olcTLSCertificateKeyFile: /etc/ssl/private/server-key.pem - add: olcTLSCertificateFile olcTLSCertificateFile: /etc/ssl/certs/server-cert.pem
Hopefully, this will get me where I need to go.
Thanks for your help!
-----Original Message----- From: Michael Proto michael.proto@tstllc.net To: jumpgroup jumpgroup@aol.com Cc: openldap-technical openldap-technical@openldap.org Sent: Wed, Jan 8, 2014 11:08 am Subject: Re: Port 636 and SLAPD(8)
Look at /etc/sysconfig/ldap. There's a line in there SLAPD_LDAPS=no. Change to yes and restart slapd and you should have a listener on 636.
On Wed, Jan 8, 2014 at 10:10 AM, jumpgroup@aol.com wrote:
Hello Experts,
In need of a little guidance please.
I'm installed OpenLdap 2.4.23 on RHEL in a sandbox and would like to enable SSL on port 636. All documentation references SLAPD(5), but since I'm using SLAPD(8), I do not know have the slapd.conf file. Looking for the current SLAPD(8) method of configuring this along with starting the service to support port 636.
Thanks in advance!
Jeff P.