On Thursday, 6 May 2010 at 14:15:54, Frank Bonnet wrote:
> Hello
>
> I actually have an OpenLDAP directory server that runs on a FreeBSD box
> at 8.0-RELEASE amd64
>
> It runs nicely but I want to add LDAPS service on the SAME server.
>
> Is it possible? I have generated
>
> cert.crt
> cert.csr
> cert.key
>
> as instructed in the FreeBSD howto but when I add the following
> lines in slapd.conf file it fails to restart
>
> TLSCACertificateFile /usr/local/etc/openldap/ssl/cert.crt

It is the certificate of the CA (Certificate Authority). I think it should be different from your server certificate. If you create a self-signed certificate, you first create your own CA and then issue a certificate for the server or clients.

> TLSCertificateFile /usr/local/etc/openldap/ssl/cert.crt
> TLSCertificateKeyFile /usr/local/etc/openldap/ssl/cert.key
>
> in ldap.conf file I have the following
>
> #
> # LDAP Defaults
> #
>
> # See ldap.conf(5) for details
> # This file should be world readable but not world writable.
>
> BASE dc=esiee,dc=fr
> URI ldap://ldap.esiee.fr ldaps://ldap.esiee.fr
>
> #SIZELIMIT 12
> #TIMELIMIT 15
> #DEREF never

This is used for the client side, not the server side.

> What did I miss?

slapd_flags in rc.conf?

Maciek
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[email protected]"
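
The CA-then-server-certificate sequence suggested in the reply above, as an added example that is not part of the original message or the FreeBSD howto. The function name `make_ldap_certs`, the CA name, the host name and the file names are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: private CA plus a server certificate signed by it.
# Host name, CA name and file names are placeholders (assumptions).

make_ldap_certs() {
    dir=$1 host=$2
    mkdir -p "$dir" || return 1
    # Own minimal config, so the result does not depend on the system openssl.cnf.
    cat > "$dir/req.cnf" <<EOF
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = Example Test CA
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[v3_srv]
basicConstraints = CA:FALSE
subjectAltName = DNS:$host
EOF
    # 1. Self-signed CA certificate (the file TLSCACertificateFile refers to).
    openssl req -x509 -new -newkey rsa:2048 -nodes -days 365 \
        -config "$dir/req.cnf" -keyout "$dir/ca.key" -out "$dir/ca.crt" \
        2>/dev/null || return 1
    # 2. Server key and signing request; -subj overrides the CA name in [dn].
    openssl req -new -newkey rsa:2048 -nodes -config "$dir/req.cnf" \
        -subj "/CN=$host" -keyout "$dir/server.key" -out "$dir/server.csr" \
        2>/dev/null || return 1
    # 3. The CA signs the request (TLSCertificateFile / TLSCertificateKeyFile).
    openssl x509 -req -in "$dir/server.csr" -CA "$dir/ca.crt" \
        -CAkey "$dir/ca.key" -CAcreateserial -days 365 \
        -extfile "$dir/req.cnf" -extensions v3_srv \
        -out "$dir/server.crt" 2>/dev/null || return 1
    # Keys stay private; server.key must be readable by the account slapd runs as.
    chmod 600 "$dir/ca.key" "$dir/server.key"
    # 4. The server certificate must chain to the CA certificate.
    openssl verify -CAfile "$dir/ca.crt" "$dir/server.crt" >/dev/null
}

# slapd.conf then names two different certificate files:
#   TLSCACertificateFile  <dir>/ca.crt
#   TLSCertificateFile    <dir>/server.crt
#   TLSCertificateKeyFile <dir>/server.key
# and slapd only listens for LDAPS when started with an ldaps URL, e.g. in
# rc.conf:  slapd_flags='-h "ldap:/// ldaps:///"'
```

Clients that should trust this server need `ca.crt`, never `ca.key`; the CA key is best kept off the directory server.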
