Hi everybody, I try to setup a slapd with TLS. I generated a self-signed certificate with these options : certtool --generate-privkey --outfile /etc/ldap/ssl/mykey.key certtool --generate-request --load-privkey /etc/ldap/ssl/mykey.key --outfile /etc/ldap/ssl/mycsr.csr
Basic Constraints (critical): Certificate Authority (CA): TRUE Key Purpose (not critical): TLS WWW Client. TLS WWW Server. Code signing. OCSP signing. Time stamping. Key Usage (critical): Digital signature. Key encipherment. Certificate signing. CRL signing. My slapd start but when I try a debug I have : # gnutls-cli-debug -p 636 myip Checking for TLS 1.1 support... no Checking fallback from TLS 1.1 to... failed Checking for TLS 1.0 support... no Checking for SSL 3.0 support... no Server does not support any of SSL 3.0, TLS 1.0 and TLS 1.1 Here is my slapd conf : olcTLSVerifyClient: demand olcTLSCertificateFile: /etc/ldap/ssl/mycsr.csr olcTLSCertificateKeyFile: /etc/ldap/ssl/mykey.key Any help would be appreciate NB: I'm not subscribed, please cc me. -- David Dumortier d.dumort...@free.fr -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110518074824.gh7...@nowhere.eden