Hi,
Looking for feedback on why this is not working, or if it is a bug.
The details of my configuration are here: http://serverfault.com/questions/702739 http://serverfault.com/questions/702739
I discovered (and proved), that ldapsearch is not honouring TLS_CERT/TLS_KEY in /etc/openldap/ldap.conf. I’m running the query as “root” and selinux is disabled.
If however, I put the TLS_CERT/TLS_KEY in my ~/ldaprc or ~/.ldaprc, then they are honoured.
Is this a bug?
What is stopping the “global default” of TLS_CERT/TLS_KEY from being read?
…deon
On 07/06/15 08:53 +1000, Deon George wrote:
Hi,
Looking for feedback on why this is not working, or if it is a bug.
The details of my configuration are here: http://serverfault.com/questions/702739 http://serverfault.com/questions/702739
I discovered (and proved), that ldapsearch is not honouring TLS_CERT/TLS_KEY in /etc/openldap/ldap.conf. I’m running the query as “root” and selinux is disabled.
If however, I put the TLS_CERT/TLS_KEY in my ~/ldaprc or ~/.ldaprc, then they are honoured.
Is this a bug?
What is stopping the “global default” of TLS_CERT/TLS_KEY from being read?
Both TLS_CERT and TLS_KEY are user-only options, by design. See the manpage for ldap.conf for details on how to specify the settings within a user configuration file.
--On Monday, July 06, 2015 9:53 AM +1000 Deon George deon@leenooks.net wrote:
Hi,
Looking for feedback on why this is not working, or if it is a bug.
The details of my configuration are here: http://serverfault.com/questions/702739
I discovered (and proved), that ldapsearch is not honouring TLS_CERT/TLS_KEY in /etc/openldap/ldap.conf. I'm running the query as "root" and selinux is disabled.
MozNSS based builds of OpenLDAP need to contact RedHat for support. It is strongly advised to avoid any OpenLDAP build linked to MozNSS.
--Quanah
--
Quanah Gibson-Mount Platform Architect Zimbra, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration
openldap-technical@openldap.org
-
Dan White -
Deon George -
Quanah Gibson-Mount