OpenLDAP & TLS

Friday, 12 August 2016

Well, I all of a sudden made progress. While tailing the syslog file I saw an AppArmor error preventing slapd from reading the cert files, even though the permissions on the cert files should have allowed it. This seems to be a common issue, although some people report that they were able to get around it by setting file permissions. I was not. I tried to add a recursive read rule to /etc/apparmor.d/local/usr.sbin.slapd but that still showed the read error (probably because I do not understand AppArmor). I added each cert file, and it can now read them. So the ldapmodify command succeeds.

Now the issue I am working on is getting Apache Directory Server to work. I can create the connection, test the auth (which works), and retrieve the base DN. But, once I complete the connection and actually try to connect, it hangs.
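The AppArmor step described above can be scripted. The following is an added example, not code from the original post: it reads AppArmor denial lines from syslog and emits one per-file read rule for each path slapd was refused, setting aside anything other than a plain read for manual review. The profile name `/usr/sbin/slapd` is assumed from the `usr.sbin.slapd` file name, and the log lines and certificate paths are constructed.

```python
import re

def _line(verdict, profile, name, mask):
    # Builds one constructed syslog line in the kernel audit format AppArmor uses.
    comm = profile.rsplit("/", 1)[-1]
    return (f'Aug 12 10:01:02 ldap1 kernel: audit: type=1400 audit(1470996062.101:31): '
            f'apparmor="{verdict}" operation="open" profile="{profile}" name="{name}" '
            f'pid=2210 comm="{comm}" requested_mask="{mask}" denied_mask="{mask}" fsuid=111 ouid=0')

# Constructed sample input: host, paths, PIDs and timestamps are made up.
SAMPLE_LOG = "\n".join([
    _line("DENIED", "/usr/sbin/slapd", "/etc/ldap/tls/server.crt", "r"),
    _line("DENIED", "/usr/sbin/slapd", "/etc/ldap/tls/server.key", "r"),
    _line("DENIED", "/usr/sbin/slapd", "/etc/ldap/tls/server.crt", "r"),   # repeat
    _line("DENIED", "/usr/sbin/cupsd", "/etc/ldap/tls/server.key", "r"),   # other profile
    _line("ALLOWED", "/usr/sbin/slapd", "/etc/ldap/ldap.conf", "r"),       # not a denial
    _line("DENIED", "/usr/sbin/slapd", "/etc/ldap/tls/server.key", "w"),   # write attempt
])

# key="quoted value" or key=bare_value pairs inside an audit record
FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

def parse(line):
    return {key: quoted or bare for key, quoted, bare in FIELD.findall(line)}

def rules_from_denials(log_text, profile="/usr/sbin/slapd"):
    """Return (rules, review): read rules to add, and denials needing a human look."""
    rules, review = set(), set()
    for line in log_text.splitlines():
        f = parse(line)
        if f.get("apparmor") != "DENIED" or f.get("profile") != profile:
            continue
        name, mask = f.get("name", ""), f.get("denied_mask", "")
        if mask == "r" and name.startswith("/"):
            rules.add(f"{name} r,")          # per-file read rule, as in the post
        else:
            review.add((name, mask))         # never auto-grant write or exec access
    return sorted(rules), sorted(review)

if __name__ == "__main__":
    rules, review = rules_from_denials(SAMPLE_LOG)
    print("\n".join(rules))
    for name, mask in review:
        print(f"# review manually: {name} denied_mask={mask}")
```

The emitted lines go into the local override file named in the post; the profile has to be reloaded (for example with `apparmor_parser -r`) before slapd sees the change.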
