Looks like certificate Files cant be found or seen by slapd, you should check the used Path of the TLS-* Directives in the slapd.conf Next, check the Permissions of the Certificicates an the Path, all must be readable by the user your slapd is running with.

On the other side, you should upgrade to a newer version. OL 2.2.13 is really outdated.

Greetings Oliver

Luke Lee schrieb:

Hi,

I've been trying to configure TLS with OpenLDAP on a RedHat Enterprise 4u4 server running OpenLDAP 2.2.13 but failed. The ldap service won't start and the following error messages are showing under the debugging log:

TLS: could not load verify locations (file:`/etc/openldap/TLS/cacert.pem',dir:`/etc/openldap/TLS'). TLS: error:0200100D:system library:fopen:Permission denied bss_file.c:104 TLS: error:2006D002:BIO routines:BIO_new_file:system lib bss_file.c:109 TLS: error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib by_file.c:279 main: TLS init def ctx failed: -1 slapd shutdown: freeing system resources. slapd stopped. connections_destroy: nothing to destroy. Can anyone help resolve the problem please? Thanks!

Luke Lee

---

You rock. That's why Blockbuster's offering you one month of Blockbuster Total Access http://us.rd.yahoo.com/evt=47523/*http://tc.deals.yahoo.com/tc/blockbuster/text5.com, No Cost.

____________ Virus checked by G DATA AntiVirusKit Version: AVK 18.3361 from 09.04.2008 Virus news: www.antiviruslab.com