For SSL, I'm trying to install a self-signed certificate to OpenLDAP
(version 2.4.28 on Ubuntu 12.04). I followed these steps:
*1. Created server certificate using:*
openssl req -newkey rsa:1024 -x509 -nodes -out server.pem -keyout server.pem -days 365
*2. Added the following entries to /usr/share/slapd/slapd.conf:*
TLSCACertificateFile server.pem
TLSCertificateFile server.pem
TLSCertificateKeyFile server.pem
*3. Restarted openldap:*
sudo /etc/init.d/slapd restart
*4. Tried to read the certs:*
openssl s_client -connect localhost:636 -showcerts
This causes the following error:
*CONNECTED(00000003)*
*140409289410208:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:177:*
*---*
*no peer certificate available*
*---*
*No client certificate CA names sent*
*---*
*SSL handshake has read 0 bytes and written 213 bytes*
*---*
*New, (NONE), Cipher is (NONE)*
*Secure Renegotiation IS NOT supported*
*Compression: NONE*
*Expansion: NONE*
*---*
Can someone help with what might be wrong in the setup?
Thanks
--
- Vijay
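
A check that can be run on the combined server.pem from step 1 before looking at the slapd side, as an added example that is not part of the original post: it confirms the file holds both a certificate and a private key, that the two match, and that the certificate has not expired. The function name check_pem is hypothetical.

```shell
#!/bin/sh
# Added example: sanity-check a combined cert+key PEM such as the server.pem from step 1.
# check_pem is a hypothetical helper name; it prints one finding per line and
# returns 0 only if every check passes.

check_pem() {
    pem=$1
    rc=0

    [ -r "$pem" ] || { echo "FAIL: $pem is not readable"; return 1; }

    # The file must hold both a certificate block and a private key block.
    grep -q -- '-----BEGIN CERTIFICATE-----' "$pem" \
        || { echo "FAIL: no certificate block"; rc=1; }
    grep -q -- '-----BEGIN .*PRIVATE KEY-----' "$pem" \
        || { echo "FAIL: no private key block"; rc=1; }
    [ "$rc" -eq 0 ] || return 1

    # The public key inside the certificate must equal the one derived from the private key.
    cert_pub=$(openssl x509 -in "$pem" -noout -pubkey 2>/dev/null) || cert_pub=""
    key_pub=$(openssl pkey -in "$pem" -pubout 2>/dev/null) || key_pub=""
    if [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]; then
        echo "OK: certificate and private key match"
    else
        echo "FAIL: certificate and private key do not match"; rc=1
    fi

    # The certificate must not already be expired (-checkend 0 = valid right now).
    if openssl x509 -in "$pem" -noout -checkend 0 >/dev/null 2>&1; then
        echo "OK: certificate is within its validity period"
    else
        echo "FAIL: certificate is expired or unreadable"; rc=1
    fi

    return "$rc"
}

# Usage: sh check_pem.sh server.pem
if [ $# -gt 0 ]; then check_pem "$1"; fi
```

A passing result only shows that the PEM file itself is usable; the paths and permissions slapd uses to read it are a separate check.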