Hi, Everybody
Thanks a lot for your interest in my problem. I've fixed it. The problem was permissions. User openldap wasn't able to read the /etc/ssl/certs directory.
Cheers
On Sun, Jan 8, 2017 at 10:20 AM, MrBiTs mrbits.dcf@gmail.com wrote:
Hello, all. Happy 2017
From 2009 to 2012 I administered an OpenLDAP cluster using SSL configurations, something like this:
backend hdb
sizelimit unlimited
allow bind_v2
concurrency 100
TLSCipherSuite HIGH:MEDIUM:+SSLv2
TLSCACertificateFile: /etc/ssl/certs/ca_server.pem
TLSCertificateFile: /etc/ssl/certs/ldap_server.pem
TLSCertificateKeyFile: /etc/ssl/private/ldap_server.key
TLSVerifyClient never
access to attrs=userPassword
    by anonymous auth
    by self write
    by * none
access to *
    by self write
    by * none
loglevel 3
# Database configuration
database hdb
suffix "dc=example,dc=com"
This year I'll start to admin another cluster, now installed in Ubuntu 16.04 using:
slapd/xenial-updates,now 2.4.42+dfsg-2ubuntu3.1 amd64 [installed] OpenLDAP server (slapd)
If I remove TLS directives from slapd.conf, the server runs fine but, of course, just using LDAP protocol without any kind of cryptography. Using the TLS directives, I always have the error
/etc/ldap/slapd.conf: line 27: unknown directive TLSCertificateFile: outside backend info and database definitions.
I did research in Google and read man 5 slapd.conf and I GUESS directives are in the right place in slapd.conf.
Has anybody faced this error recently who can help me with some tips?
Thanks in advance
--
LLAP
.0. MrBiTs - mrbits.dcf@gmail.com
..0 GnuPG - http://keyserver.fug.com.br:11371/pks/lookup?op=get&search=0x6EC818FC2B3CA5AB
000 http://www.mrbits.com.br
openldap-technical@openldap.org
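The fix reported at the top of this thread was a permissions problem on the certificate directory. The following is an added example, not code from the thread or from OpenLDAP: it pulls the TLS file paths out of slapd.conf text and reports the first path component a given account cannot search or read. The helper names, the `start` parameter and the sample text are assumptions made for illustration; only classic owner/group/other mode bits are evaluated.

```python
import os
import re
import stat

# Constructed sample: the TLS lines from the slapd.conf quoted in the post.
SAMPLE_CONF = """\
TLSCipherSuite HIGH:MEDIUM:+SSLv2
TLSCACertificateFile: /etc/ssl/certs/ca_server.pem
TLSCertificateFile: /etc/ssl/certs/ldap_server.pem
TLSCertificateKeyFile: /etc/ssl/private/ldap_server.key
TLSVerifyClient never
"""

# Accepts the directive with or without the trailing colon used in the post.
_TLS_PATH = re.compile(r"^\s*(TLS\w*(?:File|Path)):?\s+(\S+)", re.I | re.M)

def tls_paths(conf_text):
    """Map each TLS*File / TLS*Path directive to the path it names."""
    return {m.group(1): m.group(2).strip('"') for m in _TLS_PATH.finditer(conf_text)}

def _allowed(st, uid, gids, want):
    # Classic owner/group/other check; ACLs and capabilities are ignored.
    shift = 6 if st.st_uid == uid else 3 if st.st_gid in gids else 0
    return ((st.st_mode >> shift) & want) == want

def first_blocker(path, uid, gids, start=os.sep):
    """Return the first component from start down to path that uid cannot use, else None."""
    real, stop = os.path.realpath(path), os.path.realpath(start)
    chain = [real]
    while chain[-1] not in (stop, os.path.dirname(chain[-1])):
        chain.append(os.path.dirname(chain[-1]))
    for p in reversed(chain):
        try:
            st = os.stat(p)
        except OSError:
            return p  # missing, or not visible to the user running this check
        # Ancestors need search (x); the target needs read, plus search if a directory.
        want = 1 if p != real else (5 if stat.S_ISDIR(st.st_mode) else 4)
        if not _allowed(st, uid, gids, want):
            return p
    return None

if __name__ == "__main__":
    import pwd
    acct = pwd.getpwnam("openldap")  # service account named in the post
    gids = set(os.getgrouplist(acct.pw_name, acct.pw_gid))
    for directive, path in tls_paths(SAMPLE_CONF).items():
        print(directive, path, "blocked at:", first_blocker(path, acct.pw_uid, gids))
```

Run as root on the server so every component can be stat'ed; a result of `None` means the mode bits allow the account to reach and read that file.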