Hi All,
I am using OpenLDAP 2.4.21 on RHEL 5.3.
I have configured the openldap with "./configure --with-tls" option to enable ssl in the server. I used the built-in openssl that comes with RHEL 5.3. Berkley GB is 4.8.26.
But after creating the certificates and configuring the slapd.conf with the below lines:
TLSCipherSuite HIGH:MEDIUM:+SSLv2 TLSCACertificateFile /usr/local/etc/openldap/cacert.pem TLSCertificateFile /usr/local/etc/openldap/servercrt.pem TLSCertificateKeyFile /usr/local/etc/openldap/serverkey.pem
However, when I try to run the slapd with the -h option as "/usr/local/libexec/slapd -h "ldap:// ldaps://" -d 255"
then I get the following output:
>>
daemon_init: ldap:// ldaps:// daemon_init: listen on ldap:// daemon_init: listen on ldaps:// daemon_init: 2 listeners to open... ldap_url_parse_ext(ldap://) daemon: listener initialized ldap:// ldap_url_parse_ext(ldaps://) daemon: TLS not supported (ldaps://) slapd stopped. connections_destroy: nothing to destroy.
>>>
I am guessing something is wrong at the openldap configuration level itself. Can somebody let me know what are the pre-requisites to be followed while configuring openldap (configure options)so that SSL can be enabled successfully.
Thanks