A solution I found is simply to add openldap user to the ssl-cert group, which is the group that is allowed to read certificate key files under /etc/ssl/private, at least in a default hardy install.
-- dapper upgrade to hardy: openldap silently refuses to start when unable to open SSL certificates - main: TLS init def ctx failed: -64 https://bugs.launchpad.net/bugs/227744 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap2.3 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs