Hello,
I have a proxy configuration with severall backend directories and one of them in TLS.
I thus added the following line in ldap.conf in order to let it know the remote server server CA certificate TLS_CACERT /opt/openldap/etc/openldap/cacert.pem
This is working when this line is inserted in $HOME/ldaprc or $HOME/.ldaprc but never working when inserted in the system-wide ldap configuration file (/usr/local/etc/openldap/ldap.conf).
Not working neither when inserted in /opt/openldap/etc/openldap/ldap.conf (my proxy is installed in /opt/openldap).
Is this a bug ? if not, what is the real ldap.conf search order ?
Thanks, Michel
Une messagerie gratuite, garantie à vie et des services en plus, ça vous tente ? Je crée ma boîte mail www.laposte.net
On 08/04/2011 05:28 AM, Michel Gruau wrote:
Hello,
I have a proxy configuration with severall backend directories and one of them in TLS.
I thus added the following line in ldap.conf in order to let it know the remote server server CA certificate TLS_CACERT /opt/openldap/etc/openldap/cacert.pem
This is working when this line is inserted in $HOME/ldaprc or $HOME/.ldaprc but never working when inserted in the system-wide ldap configuration file (/usr/local/etc/openldap/ldap.conf).
Not working neither when inserted in /opt/openldap/etc/openldap/ldap.conf (my proxy is installed in /opt/openldap).
Is this a bug ? if not, what is the real ldap.conf search order ?
What platform? Did you build it yourself from source or was it a package? Do you know what TLS implementation (openssl, gnutls, moznss) it is using?
Thanks, Michel
https://compte.laposte.net/inscription/index.do?jeux=2011FOOTER_generique
Does anyone know why ldap.conf is found nowhere except in $HOME/ldaprc and $HOME/.ldaprc ? Thanks, Michel
Message du 04/08/11 13:28 De : "Michel Gruau" A : "openldap-technical openldap org" Copie à : Objet : ldap.conf search order problem
Hello,
I have a proxy configuration with severall backend directories and one of them in TLS.
I thus added the following line in ldap.conf in order to let it know the remote server server CA certificate TLS_CACERT /opt/openldap/etc/openldap/cacert.pem
This is working when this line is inserted in $HOME/ldaprc or $HOME/.ldaprc but never working when inserted in the system-wide ldap configuration file (/usr/local/etc/openldap/ldap.conf).
Not working neither when inserted in /opt/openldap/etc/openldap/ldap.conf (my proxy is installed in /opt/openldap).
Is this a bug ? if not, what is the real ldap.conf search order ?
Thanks, Michel
Une messagerie gratuite, garantie à vie et des services en plus, ça vous tente ? Je crée ma boîte mail www.laposte.net
Message du 04/08/11 13:28 De : "Michel Gruau" A : "openldap-technical openldap org" Copie à : Objet : ldap.conf search order problem
Hello,
I have a proxy configuration with severall backend directories and one of them in TLS.
I thus added the following line in ldap.conf in order to let it know the remote server server CA certificate TLS_CACERT /opt/openldap/etc/openldap/cacert.pem
This is working when this line is inserted in $HOME/ldaprc or $HOME/.ldaprc but never working when inserted in the system-wide ldap configuration file (/usr/local/etc/openldap/ldap.conf).
Not working neither when inserted in /opt/openldap/etc/openldap/ldap.conf (my proxy is installed in /opt/openldap).
Is this a bug ? if not, what is the real ldap.conf search order ?
Michel,
You can find the location of the ldap.conf that your installed libraries are using with strace, or your system's equivalent:
~$ strace ldapsearch 2>&1 | grep ldap.conf open("/etc/ldap/ldap.conf", O_RDONLY) = 3
Make sure the file is readable by your user.
openldap-technical@openldap.org
-
Dan White -
Michel Gruau -
Rich Megginson