Hi,

I created ssl certificates using this guide:
http://www.credentia.cc/certs/howto/openldap.html
Generating a slapd.cert and slapd.key file

I added:

    olcTLSCertificateFile: /etc/ldap/ssl/slapd.cert
    olcTLSCertificateKeyFile: /etc/ldap/ssl/slapd.key
    olcTLSCRLCheck: none
    olcTLSVerifyClient: never

to cn=config.ldif file. I also put

    TLS_REQCERT never

into /etc/ldap/ldap.conf

Now I try to search:

    ldapsearch -x -D "cn=admin,dc=*********,dc=***" -b 'dc=**********,dc=***' '(objectclass=*)' -W -ZZ -v
    ldap_initialize( <DEFAULT> )
    ldap_start_tls: Protocol error (2)

I do not know what goes wrong, the log file does not tell me much:

    Jan 30 23:20:56 ********** slapd[20043]: daemon: read active on 14
    Jan 30 23:20:56 ********** slapd[20043]: daemon: epoll: listen=8 active_threads=0 tvp=zero
    Jan 30 23:20:56 ********** slapd[20043]: daemon: epoll: listen=9 active_threads=0 tvp=zero
    Jan 30 23:20:56 ********** slapd[20043]: connection_get(14)
    Jan 30 23:20:56 ********** slapd[20043]: connection_get(14): got connid=4
    Jan 30 23:20:56 ********** slapd[20043]: connection_read(14): checking for input on id=4
    Jan 30 23:20:56 ********** slapd[20043]: ber_get_next on fd 14 failed errno=0 (Success)
    Jan 30 23:20:56 ********** slapd[20043]: connection_read(14): input error=-2 id=4, closing.
    Jan 30 23:20:56 ********** slapd[20043]: connection_closing: readying conn=4 sd=14 for close
    Jan 30 23:20:56 ********** slapd[20043]: connection_close: conn=4 sd=14
    Jan 30 23:20:56 ********** slapd[20043]: daemon: removing 14
    Jan 30 23:20:56 ********** slapd[20043]: conn=4 fd=14 closed (connection lost)
    Jan 30 23:20:56 ********** slapd[20043]: daemon: activity on 1 descriptor
    Jan 30 23:20:56 ********** slapd[20043]: daemon: activity on:
    Jan 30 23:20:56 ********** slapd[20043]:
    Jan 30 23:20:56 ********** slapd[20043]: daemon: epoll: listen=8 active_threads=0 tvp=zero
    Jan 30 23:20:56 ********** slapd[20043]: daemon: epoll: listen=9 active_threads=0 tvp=zero

What else could be wrong?

Thanks!
nathan
