Hi, Does anyone know where the database in the message: TLS: error: the certificate '/etc/pki/tls/certs/ldap. cassens.com.pem' could not be found in the database - error -12285:Unable to find the certificate or key necessary for authentication
Is located at and how I might rebuild it? Also, the only 3 configuration directives I have set for TLS is: olcTLSCertificateFile: /etc/pki/tls/certs/ldap2.cassens.com.pem olcTLSCertificateKeyFile: /etc/pki/tls/private/ldap2.cassens.comKey.pem olcTLSCACertificateFile: /etc/pki/tls/certs/ca.pem On Wed, Mar 5, 2014 at 3:27 PM, Eric Falbe <[email protected]> wrote: > Hi, > When I try to start slapd I get this error message: > Checking configuration files for slapd: [WARNING] > PROXIED attributeDescription "DC" inserted. > config file testing succeeded > Starting slapd: @(#) $OpenLDAP: slapd 2.4.23 (Feb 3 2014 19:11:35) $ > [email protected]: > /builddir/build/BUILD/openldap-2.4.23/openldap-2.4.23/build-servers/servers/slapd > PROXIED attributeDescription "DC" inserted. > bdb_db_open: database "dc=cassens,dc=com": unclean shutdown detected; > attempting recovery. > bdb_db_open: database "cn=accesslog": unclean shutdown detected; > attempting recovery. > slapd starting > TLS: error: the certificate '/etc/pki/tls/certs/ldap.cassens.com.pem' > could not be found in the database - error -12285:Unable to find the > certificate or key necessary for authentication.. > TLS: certificate '/etc/pki/tls/certs/ldap.cassens.com.pem' successfully > loaded from PEM file. > TLS: no unlocked certificate for certificate 'CN=ldap.cassens.com,OU=Ldap > Server,O=Cassens Transport Company,C=US'. > ppolicy_bind: Setting warning for password expiry for > cn=replication,dc=cassens,dc=com = 0 seconds > ^Cdaemon: shutdown requested and initiated. > slapd shutdown: waiting for 0 operations/tasks to finish > slapd stopped. > > > This server was working last night, I had to promote our secondary ldap > server this morning. > > I have attempted to rebuild the database backend (with slapcat and > slapadd), but am still getting this same error. I have my ssl > (self-signed) certificates located in > /etc/pki/tls/certs/ldap.cassens.com.pem /etc/pki/tls/tls/certa/ca.pem > /etc/pki/tls/private/ldap.cassens.comKey.pem > > These certificates worked fine up untill today, does anyone have any > insight on where to look to being troubleshooting this issue? > > Thanks, > Eric Falbe >
