
Openldap and SSL

  • 07-04-2012 8:12pm
    #1
    Registered Users, Registered Users 2 Posts: 811 ✭✭✭


    I installed OpenLDAP on Red Hat Linux 6,
    imported an LDIF file and set up slapd.conf and ldap.conf.

    All works fine; I can browse the LDAP directory fine using port 389,
    but when I try to set up an SSL LDAP server it fails to start up.

    I tried to follow these instructions:
    http://www.openldap.org/faq/data/cache/185.html

    but I appear to be missing some files,
    like
    cacert.pem
    serverkey.pem

    Anybody else have experience with this?
    If I uncomment the SSL config the LDAP server starts up fine.


Comments

  • Registered Users, Registered Users 2 Posts: 811 ✭✭✭Rambo


    Red Hat Linux 6, OpenLDAP and SSL:
    I got this working.

    The CA.sh script is located at /etc/pki/tls/misc,
    where it is called CA, with no .sh.

    The cacert.pem file was located at
    /etc/pki/CA/

    and I followed the instructions very carefully:
    http://www.openldap.org/faq/data/cache/185.html

    I just had to change the path:
    /etc/pki/tls/misc/CA -newca


  • Registered Users, Registered Users 2 Posts: 200 ✭✭druidhill


    A few points for you to consider:

    It sounds like it cannot find the files you mentioned, so check their location (and that you have correct permissions on them).

    Are you using the correct port?

    I know I did set this up before and got it working, but am a little rusty on it. Also, I used the following:

    olcTLSCACertificateFile
    olcTLSCertificateFile
    olcTLSCertificateKeyFile

    I think it has something to do with the way I set up OpenLDAP (using cn=config), but as I said, I am unsure of exactly what I did because it was a while ago; I just know it was up and running encrypted.

    I'd say work through the guide again, double checking what you did. You should get it up and running then.

    Good luck.


  • Registered Users, Registered Users 2 Posts: 200 ✭✭druidhill


    OP, have you an update for us?
    (I looked into this again for my own setup and it is up and working, so I might have a couple more suggestions for you.) Let us know.
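
Added example, not part of any post in this thread: a preflight check for the advice above to confirm that slapd's TLS files exist where the configuration says and have sane permissions. It reads the three TLS file directives from either slapd.conf or a cn=config LDIF; the function names, the status labels, and the rule that the key must not be accessible to other users are assumptions of this example.

```shell
#!/bin/sh
# Added example: check the TLS files a slapd configuration points at.
# Understands slapd.conf lines ("TLSCertificateFile /path") and cn=config
# LDIF lines ("olcTLSCertificateFile: /path"); commented-out lines are ignored.

# Print the path set for directive $2 in config file $1 (empty if unset).
tls_path() {
    sed -n "s/^\(olc\)\{0,1\}$2[[:space:]:][[:space:]]*\(.*[^[:space:]]\)[[:space:]]*\$/\2/p" "$1" |
        head -n 1
}

# Report each directive's state; return 0 only when all three files are usable.
# Run it as the account slapd runs as, so the -r test reflects slapd's access.
check_slapd_tls() {
    conf=$1
    problems=0
    for directive in TLSCACertificateFile TLSCertificateFile TLSCertificateKeyFile; do
        path=$(tls_path "$conf" "$directive")
        if [ -z "$path" ]; then
            echo "UNSET    $directive"
        elif [ ! -f "$path" ]; then
            echo "MISSING  $directive -> $path"
        elif [ ! -r "$path" ]; then
            echo "NOACCESS $directive -> $path"
        elif [ "$directive" = TLSCertificateKeyFile ] &&
             [ $(( 0$(stat -c %a "$path") & 007 )) -ne 0 ]; then
            # Assumption of this example: the private key must not be
            # accessible to "other" users (stat -c is GNU coreutils).
            echo "KEYPERMS $directive -> $path"
        else
            echo "OK       $directive -> $path"
            continue
        fi
        problems=$((problems + 1))
    done
    [ "$problems" -eq 0 ]
}
```

Call `check_slapd_tls` with the path to slapd.conf, or to an exported cn=config LDIF, before restarting slapd with the TLS lines enabled.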

