On Fri, 4 Dec 2009, Chamith Kumarage wrote:
> Hi Folks, > > I have setup openldap with SSL and i'm using self signed certs. I have > included the following in my slapd.conf. > > TLSCipherSuite HIGH:MEDIUM:-SSLv2 > TLSCACertificateFile /etc/ldap/ssl/server.pem > TLSCertificateFile /etc/ldap/ssl/server.pem > TLSCertificateKeyFile /etc/ldap/ssl/server.pem > TLSVerifyClient demand > > and in my ldap.conf I have; > > HOST <my_ip> > PORT 636 > TLS_REQCERT /etc/ldap/ssl/server.pem What slapd starting line (-h option) you've used? should be something like "ldap://127.0.0.1:389/ ldaps://127.0.0.1:636/ ldapi:///" E.g. in Debian it's configured via /etc/default/slapd file. Regards, DT
