Originally posted by: pop123

Hi,

I have install Openldap 2.4.46 and nss 3.34 from your site.

I want to start the Openldap with TLS authentification

I put in the slapd.conf the following:

TLSCACertificatePath  /etc/openldap/certs
TLSCertificateFile  "dc2ts702i.main.aviva.eu.corp"
TLSCertificateKeyFile  /etc/openldap/certs/password

When I start the slapd server with:

dc2ts702i<root>(/var/log)# /usr/sbin/slapd -u ldap -h 'ldapi:/// ldaps:/// ldap:///' -d3 -f /etc/openldap/slapd.conf

TLS: could not use certificate `dc2ts702i.main.aviva.eu.corp'.        <====  Error !!
5dc01ed5 main: TLS init def ctx failed: -1
5dc01ed5 slapd destroy: freeing system resources.
5dc01ed5 syncinfo_free: rid=300
5dc01ed5 slapd stopped.
5dc01ed5 connections_destroy: nothing to destroy.

Originally posted by: pop123

Hi,

Could you please tell me that Openldap 2.4.46 from your site accepts TLS/SSL authentification ?

Because I have serious problems in setting TLS/SSL authentification within Openldap

Please advice me,

Thanks

Razvan

Originally posted by: AyappanP

It has support for TLS/SSL .

For settings & help , please look into http://www.openldap.org/doc/admin24/tls.html

Originally posted by: pop123

Hi,

Please could you tell me if the Openldap 2.4.46 have support for  Mozilla NSS instead of Openssl for TLS/SSL ?

Thanks for you answer,

Razvan P

Originally posted by: AyappanP

it uses Openssl