For SSL, I'm trying to install a self-signed certificate to OpenLDAP (version 2.4.28 on Ubuntu 12.04). Followed the following steps:
1. Created server certificate using:
openssl req -newkey rsa:1024 -x509 -nodes -out server.pem -keyout server.pem -days 365
2. Added following entries to /usr/share/slapd/slapd.conf:
TLSCACertificateFile server.pem 
TLSCertificateFile server.pem 
TLSCertificateKeyFile server.pem
3. Restarted openldap:
sudo /etc/init.d/slapd restart
4. Tried to read the certs:
openssl s_client -connect localhost:636 -showcerts
This causes the following error:
140409289410208:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:177:
no peer certificate available
No client certificate CA names sent
SSL handshake has read 0 bytes and written 213 bytes
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE

Can someone help with what might be wrong in the setup?


- Vijay