IBM TechXchange Community Conference Events IBM Developer   IBM Training  

AIX Open Source

AIX Open Source

Share your experiences and connect with fellow developers to discover how to build and manage open source software for the AIX operating system

 View Only
Back to discussions
Expand all | Collapse all

TLS on OpenLdap 2.4.46

  • 1.  TLS on OpenLdap 2.4.46

    Posted Tue November 05, 2019 09:22 AM

    Originally posted by: pop123


    Hi,

    I have install Openldap 2.4.46 and nss 3.34 from your site.

    I want to start the Openldap with TLS authentification

    I put in the slapd.conf the following:

    TLSCACertificatePath  /etc/openldap/certs
    TLSCertificateFile  "dc2ts702i.main.aviva.eu.corp"
    TLSCertificateKeyFile  /etc/openldap/certs/password

     

    When I start the slapd server with:

    dc2ts702i<root>(/var/log)# /usr/sbin/slapd -u ldap -h 'ldapi:/// ldaps:/// ldap:///' -d3 -f /etc/openldap/slapd.conf

    I have the following error:

     

    TLS: could not use certificate `dc2ts702i.main.aviva.eu.corp'.        <====  Error !!
5dc01ed5 main: TLS init def ctx failed: -1
5dc01ed5 slapd destroy: freeing system resources.
5dc01ed5 syncinfo_free: rid=300
5dc01ed5 slapd stopped.
5dc01ed5 connections_destroy: nothing to destroy.

     

     

    Could you please advice me ?

     Thanks a lot,

    Razvan

     



  • 2.  Re: TLS on OpenLdap 2.4.46

    Posted Wed November 06, 2019 09:46 AM

    Originally posted by: pop123


    Hi,

     

    Could you please tell me that Openldap 2.4.46 from your site accepts TLS/SSL authentification ?

    Because I have serious problems in setting TLS/SSL authentification within Openldap

     

    Please advice me,

    Thanks

    Razvan



  • 3.  Re: TLS on OpenLdap 2.4.46

    Posted Wed November 06, 2019 11:09 AM

    Originally posted by: AyappanP


    It has support for TLS/SSL .

    For settings & help , please look into http://www.openldap.org/doc/admin24/tls.html



  • 4.  Re: TLS on OpenLdap 2.4.46

    Posted Fri November 08, 2019 05:26 AM

    Originally posted by: pop123


    Hi,

     

    Please could you tell me if the Openldap 2.4.46 have support for  Mozilla NSS instead of Openssl for TLS/SSL ?

     

    Thanks for you answer,

    Razvan P



  • 5.  Re: TLS on OpenLdap 2.4.46

    Posted Fri November 08, 2019 07:47 AM

    Originally posted by: AyappanP


    it uses Openssl



Global message icon