Hi,

I am trying to configure TLS for my LDAP server.

After successfully creating the files below, I try to start the LDAP server and it fails.

/etc/openldap/cacerts/cacert.pem
/etc/openldap/cacerts/slapd-cert.pem
/etc/openldap/cacerts/slapd-key.pem

The log shows the messages below:

main: TLS init def ctx failed: -1
slapd stopped.
connections_destroy: nothing to destry.

slapd.conf

TLSCipherSuite HIGH:MEDIUM:+SSLv2
TLSCACertificateFile /etc/openldap/cacerts/cacert.pem
TLSCertificateFile /etc/openldap/cacerts/slapd-cert.pem
TLSCertificateKeyFile /etc/openldap/cacerts/slapd-key.pem

database         bdb
suffix   "dc=comverse-in,dc=com"
rootdn   "cn=Manager,dc=comverse-in,dc=com"
rootpw   {SSHA}hBlwVEbzHMzm1Wof9Lb1dA/fcuJDt6pr

/etc/openldap/ldap.conf

BASE     dc=comverse-in,dc=com
URI ldaps://devonly144.comverse-in.com

TLS_CACERT    /etc/openldap/cacerts/cacert.pem
TLS_CACERTDIR /etc/openldap/cacerts
TLS_REQCERT     allow

/etc/ldap.conf

base     dc=comverse-in,dc=com
uri ldaps://devonly144.comverse-in.com
ssl on

Thanks and Regards,

Naga chaitanya

