On 18/08/2015 20:27, Aneela Saleem wrote:
I get the following result
ldap_initialize( ldap://localhost:389/??base )
dn:cn=admin,cn=config
Result: Success (0)
On Tue, Aug 18, 2015 at 11:24 PM, Abdelkader Chelouah <[email protected]> wrote:
On 18/08/2015 20:11, Aneela Saleem wrote:
When I add the below file, i.e., ssl_mod.ldif
dn: cn=config
changetype: modify
add: olcTLSCACertificateFile
olcTLSCACertificateFile: /etc/ldap/cacert.pem
-
add: olcTLSCertificateFile
olcTLSCertificateFile: /etc/ldap/servercrt.pem
-
add: olcTLSCertificateKeyFile
olcTLSCertificateKeyFile: /etc/ldap/serverkey.pem
-
add: olcTLSCipherSuite
olcTLSCipherSuite: HIGH:MEDIUM:!SSLv3:!SSLv2
using the following command:
ldapmodify -h localhost -p 389 -D "cn=admin,cn=config" -w 123 -f mod_ssl.ldif
I get ldap_result: Can't contact LDAP server (-1) error.
Although LDAP is running. I can run the following command, i.e.,
ldapsearch -h localhost -p 389 -D "cn=admin,dc=platalytics,dc=com" -w 123 -b "dc=platalytics,dc=com" "objectclass=*"
How can I make ldaps work?
On Tue, Aug 18, 2015 at 7:37 PM, Aneela Saleem <[email protected]> wrote:
Where can I find the logs?
On Tue, Aug 18, 2015 at 7:36 PM, Aneela Saleem <[email protected]> wrote:
I wrote the above lines in the olcDatabase={0}config.ldif file. When I restart slapd it fails.
On Tue, Aug 18, 2015 at 7:14 PM, Aneela Saleem <[email protected]> wrote:
Which file do I need to write this in?
On Tue, Aug 18, 2015 at 7:09 PM, Abdelkader Chelouah <[email protected]> wrote:
On 18/08/2015 16:05, Aneela Saleem wrote:
I have no slapd.conf. I have cn=conf
On Tue, Aug 18, 2015 at 6:54 PM, Abdelkader Chelouah <[email protected]> wrote:
On 18/08/2015 15:51, Aneela Saleem wrote:
Thanks Michael and Abdelkader.
Abdelkader, the link you provided is for the slapd.conf distribution. Can you please guide me how to do the "cn=config" distribution?
On Tue, Aug 18, 2015 at 6:45 PM, Abdelkader Chelouah <[email protected]> wrote:
On 18/08/2015 15:41, Michael Ströder wrote:
Aneela Saleem wrote:
Can anyone please provide me
some link for enabling "ldaps"
http://www.openldap.org/doc/admin24/tls.html
Ciao, Michael.
or
http://www.openldap.org/faq/data/cache/185.html
regards
You can convert a slapd.conf to cn=config using slaptest
slaptest -f path/to/slapd.conf -F path/to/slapd.d
# cn=config
dn: cn=config
objectClass: olcGlobal
cn: config
...
olcTLSCACertificateFile: /path/to/cacert
olcTLSCertificateFile: /path/to/cert
olcTLSCertificateKeyFile: /path/to/key
olcTLSCipherSuite: HIGH:MEDIUM:!SSLv3:!SSLv2
...
Can you run
ldapwhoami -vxD cn=admin,cn=config -w 123 -H ldap://localhost:389
Ok, retry the "ldapmodify" command using
ldapmodify -xD cn=admin,cn=config -w 123 -H ldap://localhost:389 -f mod_ssl.ldif
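
Added example, not part of the original thread: a pre-flight check in Python that parses an LDIF modify record like the one quoted above and reports olcTLS* files that are missing, unreadable, or (for the key) accessible to group/other, before the record is applied with ldapmodify. The function names are hypothetical, and the permission rule for the key file is this example's assumption, not something stated in the thread.

```python
import os

# olcTLS* attributes from the thread's LDIF whose values are paths slapd must read.
TLS_FILE_ATTRS = {"olctlscacertificatefile", "olctlscertificatefile",
                  "olctlscertificatekeyfile"}


def parse_modify(ldif_text):
    """Parse one 'changetype: modify' record into (dn, [(op, attr, [values])]).
    Assumes no folded (continuation) lines and no base64 '::' values."""
    dn, mods, current = None, [], None
    for raw in ldif_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line == "-":                      # "-" closes one modification
            current = None
            continue
        key, _, value = line.partition(":")
        key, value = key.strip().lower(), value.strip()
        if key == "dn":
            dn = value
        elif key == "changetype":
            if value.lower() != "modify":
                raise ValueError("only changetype: modify is handled")
        elif key in ("add", "replace", "delete"):
            current = (key, value.lower(), [])
            mods.append(current)
        elif current and key == current[1]:
            current[2].append(value)
        else:
            raise ValueError(f"value outside a modification: {raw!r}")
    return dn, mods


def check_tls_files(ldif_text):
    """List problems with the files the record would point slapd at."""
    problems = []
    for op, attr, values in parse_modify(ldif_text)[1]:
        if op == "delete" or attr not in TLS_FILE_ATTRS:
            continue
        for path in values:
            if not os.path.isfile(path):
                problems.append(f"{attr}: {path}: missing or not a regular file")
            elif not os.access(path, os.R_OK):
                problems.append(f"{attr}: {path}: not readable by this user")
            elif attr.endswith("keyfile") and os.stat(path).st_mode & 0o077:
                problems.append(f"{attr}: {path}: key accessible to group/other")
    return problems
```

Run `check_tls_files(open("mod_ssl.ldif").read())` as the account slapd runs under, since the readability test applies to the calling user; an empty list means no problem was found.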