Ok, I solved the problem. I had to add openca.schema to slapd.conf
# Schema and objectClass definitions include /etc/ldap/schema/core.schema include /etc/ldap/schema/cosine.schema include /etc/ldap/schema/inetorgperson.schema include /usr/src/openca-0.9.2.2/contrib/openldap/openca.schema When I did this I got some conflicts between openca and core schema! (slapd 2.2.23-8 debian) I had to comment some things in core.schema to get it working. #objectclass ( 2.5.6.21 NAME 'pkiUser' ... #objectclass ( 2.5.6.22 NAME 'pkiCA' ... Or is there a better way to solve this. Starting OpenLDAP: (db4.2_recover not found), slapd - failed: /usr/src/openca-0.9.2.2/contrib/openldap/openca.schema: line 122: Duplicate objectClass: "2.5.6.21" Regards Benjamin Michael Bell wrote: > Benjamin Henne wrote: > >> Hello. >> I'm trying to add LDAP support to my openca pki. >> >> When I import data from higher level to RA I get this error, >> which I cannot solve: >> >> Importing CA-Certificates into ldap ... >> Cannot write CA-Certificate b138561c768c72828f62c2879c098639 to LDAP. >> (error 21: LDAP-add failed: objectclass: value #2 invalid per syntax) > > > This is a problem with the objectclass stack. Can you activate the debug > switch in ldap.xml? Usually there is an unkown objectclass (schema > problem) or wrong order. > > Michael ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf _______________________________________________ Openca-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-users
