>>> Quanah Gibson-Mount <[email protected]> schrieb am 18.07.2019 um 22:35 in Nachricht <0DBBAC4F8151F9DFD2CCA8D6@[192.168.1.39]>: > --On Thursday, July 18, 2019 1:08 PM -0700 Quanah Gibson-Mount > <[email protected]> wrote: > >>> build@c7rpm:/home/build/git/rheldap/RHEL7_x86_64/BUILD...lapd >>> Jul 18 11:55:29 localhost.localdomain slapd[2133]: main: TLS init def ctx >>> failed: -1 >>> Jul 18 11:55:29 localhost.localdomain slapd[2133]: Enter PEM pass phrase: >> >> This clearly indicates your key file is password protected, which is not >> supported. > > To be clear, it's not supported to use a password protected key file and > then try and start slapd via an automated init system such as systemd. To > use a password protected key file requires that you start slapd manually so > you can provide the password as part of the startup process so slapd can > access it.
Well, it wopuldn't really add security, but maybe slapd should have a mechanism to read the private key's password from some file or pipe in the future. > > Regards, > Quanah > > > > > -- > > Quanah Gibson-Mount > Product Architect > Symas Corporation > Packaged, certified, and supported LDAP solutions powered by OpenLDAP: > <http://www.symas.com>
