Thank you Stefan for suggestion Thank you Howard. It was exactly what I understood. When I start the daemon with command line:
slapd -h 'ldap://127.0.0.1:389 ldaps://192.168.190.58:636' -g openldap -u openldap -F /etc/ldap/slapd.d/ -d -1 I can see: 657ad073.144a7a3e 0x7f71df270200 TLS: opening `/etc/ssl/private/annuaire.lexp.fr.key' failed: Permission denied 657ad073.144b02fb 0x7f71df270200 TLS: could not use private key file `/etc/ssl/private/annuaire.lexp.fr.key`. It is more detailed than rsyslog. As Quanah suggest, this is due to permission issue. I can see these rights: -rw------- 1 openldap openldap 1704 Nov 29 17:37 /etc/ssl/private/annuaire.atol.fr.key I'm trying to check access... Jean-Luc > -----Message d'origine----- > De : Howard Chu <[email protected]> > Envoyé : jeudi 14 décembre 2023 10:46 > À : Stefan Kania <[email protected]>; openldap- > [email protected] > Objet : Re: SSL certificate install > > Stefan Kania wrote: > > Syntax error? Open your file with vi and do a "set: list" and you will see > additional blanks and tabstops. > > As always - set a higher debug level and examine the debug output. Not the > syslog output. syslog is for recording routine operation, not for isolating > problems. Use the debug output for troubleshooting. > > -- > -- Howard Chu > CTO, Symas Corp. http://www.symas.com > Director, Highland Sun http://highlandsun.com/hyc/ > Chief Architect, OpenLDAP http://www.openldap.org/project/
