Hi everybody,
I would like to apologize me about this email discussion, in specially to Quanah and Howard. After a ton of emails sent, specially the last Quanah email, I've finally understood my error. Due it be a beginner error, I'm very embarrassed to importune you about it.
Then, I would like to apologize me with Quanah, Howard and everyone on openldap-technical@openldap.org list about time spent in this problem.
Finally, I would like thank all involved that has helped me to solve my problem.
OBS: I've removed -aes256 when I've generated server key aiming no encrypting the key. Then I've got to add all olcTLS* entries with ldapmodify and ldif file described in previous emails.
-- Igor Sousa
Em qui, 18 de jul de 2019 às 17:35, Quanah Gibson-Mount quanah@symas.com escreveu:
--On Thursday, July 18, 2019 1:08 PM -0700 Quanah Gibson-Mount quanah@symas.com wrote:
build@c7rpm:/home/build/git/rheldap/RHEL7_x86_64/BUILD...lapd Jul 18 11:55:29 localhost.localdomain slapd[2133]: main: TLS init def
ctx
failed: -1 Jul 18 11:55:29 localhost.localdomain slapd[2133]: Enter PEM pass
phrase:
This clearly indicates your key file is password protected, which is not supported.
To be clear, it's not supported to use a password protected key file and then try and start slapd via an automated init system such as systemd. To use a password protected key file requires that you start slapd manually so you can provide the password as part of the startup process so slapd can access it.
Regards, Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com