Hello, all. Happy 2017
From the years 2009 to 2012 I've administrate as OpenLDAP cluster using SSL
configurations, something like that:
backend hdb sizelimit unlimited allow bind_v2 concurrency 100
TLSCipherSuite HIGH:MEDIUM:+SSLv2 TLSCACertificateFile: /etc/ssl/certs/ca_server.pem TLSCertificateFile: /etc/ssl/certs/ldap_server.pem TLSCertificateKeyFile: /etc/ssl/private/ldap_server.key TLSVerifyClient never
access to attrs=userPassword by anonymous auth by self write by * none access to * by self write by * none
loglevel 3 # Database configuration
database hdb suffix "dc=example,dc=com"
This year I'll start to admin another cluster, now installed in Ubuntu 16.04 using:
slapd/xenial-updates,now 2.4.42+dfsg-2ubuntu3.1 amd64 [installed] OpenLDAP server (slapd)
If I remove TLS directives from slapd.conf, the server runs fine but, of course, just using LDAP protocol without any kind of cryptography. Using the TLS directives, I always have the error
/etc/ldap/slapd.conf: line 27: unknown directive TLSCertificateFile: outside backend info and database definitions.
I did research in Google and read man 5 slapd.conf and I GUESS directives are in the right place in slapd.conf.
Anybody face this error recently and can help me with some tips?
Thanks in advance