Another small problem with it; the AppArmor profile allows reading from /etc/ssl/certs/* and /etc/ssl/private/* - but because of this bug, you have to put the cert elsewhere, forcing one to break the AppArmor profile.
As a temporary solution, the installer could add /etc/ldap/private/, owned by openldap:openldap and modify AppArmor to allow slapd to read from that directory? -- dapper upgrade to hardy: openldap silently refuses to start when unable to open SSL certificates - main: TLS init def ctx failed: -64 https://bugs.launchpad.net/bugs/227744 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap2.3 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs