On Mon, 2003-06-23 at 10:50, Barry Kostjens wrote: > On Monday 23 June 2003 16:38, Stephen Varga wrote: > > Yes, that pem file is really there. > Can you tell me how you created your openldap.pem?
>From Turbo F's How-To: http://www.bayour.com/LDAPv3-HOWTO.html openssl req -new -x509 -nodes -out server.pem -keyout server.pem -days 365 I just remembered I also have the following line in my ldap.conf TLS_REQCERT allow I think it lets the cert be accepted even though it can not be verified. Steve > > Here is what is in my config: > > > > TLSCertificateFile /etc/openldap/openldap.pem > > TLSCertificateKeyFile /etc/openldap/openldap.pem > > TLSCACertificateFile /etc/openldap/openldap.pem > > > > openldap.pem was created using openssl. > > > > You really have /ect directory on your sytem? > > > > Steve > > > > On Mon, 2003-06-23 at 08:45, Barry Kostjens wrote: > > > No, that's not a typo. This file really exists. > > > > > > I Tried to put the cacert.pem in other dir's and changed the config, but > > > no go. > > > > > > When i Look in the o'reilly book, they don't even enter this line in the > > > config. Tried that too, but doesn't work. > > > > > > On Monday 23 June 2003 14:11, Stephen Varga wrote: > > > > On Mon, 2003-06-23 at 04:16, Barry Kostjens wrote: > > > > > daemon_init: 1 listeners opened > > > > > slapd init: initiated server. > > > > > TLS: could not load verify locations > > > > > (file:`/ect/ssl/demoCA/cacert.pem',dir:`'). > > > > > > > > ^^^ this should probably be 'etc' > > > > > > > > It looks like you have a typo in your config file. > > > > > > > > > TLS: error:02001002:system library:fopen:No such file or directory > > > > > bss_file.c:104 > > > > > > > > -- > > > > [EMAIL PROTECTED] mailing list > > > > > > -- > > > [EMAIL PROTECTED] mailing list > > > > -- > > [EMAIL PROTECTED] mailing list > > > -- > [EMAIL PROTECTED] mailing list > > -- [EMAIL PROTECTED] mailing list