LDAP and LDAPS on the same server ?
Frank Bonnet
f.bonnet at esiee.fr
Thu May 6 12:54:41 UTC 2010
On 05/06/10 14:34, Boris Samorodov wrote:
> On Thu, 06 May 2010 14:15:54 +0200 Frank Bonnet wrote:
>
>> I actually have an OpenLDAP directory server that runs on a FreeBSD box
>> at 8.0-RELEASE amd64
>
>> It runs nicely but I want to add LDAPS service on the SAME server.
>
>> Is it possible? I have generated
>
>> cert.crt
>> cert.csr
>> cert.key
>
>> as instructed in the FreeBSD howto but when I add the following
>> lines in slapd.conf file it fails to restart
>
>> TLSCACertificateFile /usr/local/etc/openldap/ssl/cert.crt
>> TLSCertificateFile /usr/local/etc/openldap/ssl/cert.crt
>> TLSCertificateKeyFile /usr/local/etc/openldap/ssl/cert.key
>
>> in ldap.conf file I have the following
>
>> #
>> # LDAP Defaults
>> #
>
>> # See ldap.conf(5) for details
>> # This file should be world readable but not world writable.
>
>> BASE dc=esiee,dc=fr
>> URI ldap://ldap.esiee.fr ldaps://ldap.esiee.fr
>
>> #SIZELIMIT 12
>> #TIMELIMIT 15
>> #DEREF never
>
>> What did I miss?
>
> I'm not sure but maybe you should add the following line to
> /etc/rc.conf[.local]:
> -----
> slapd_flags='-h "ldap:/// ldaps:///"'
> -----
>
> Look at SLAPD(8C) for more details.
>
Cool! It works,
Thanks Boris :-)
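
An added example, not part of the original messages: an offline check of the two settings this thread touches, the TLS directives in slapd.conf and the `-h` listener list in slapd_flags. The function names are hypothetical, the parser assumes the double-quoted `-h` form shown above, and the private-key permission test is an extra check that the thread does not raise.

```shell
#!/bin/sh
# Added example: consistency check for an LDAP + LDAPS slapd setup.
# Usage (paths are the caller's choice): sh check.sh /etc/rc.conf /path/to/slapd.conf

# Print the URL list given to slapd's -h option in an rc.conf-style file.
# Assumes the form: slapd_flags='-h "ldap:/// ldaps:///"'
slapd_listeners() {
    sed -n "s/^slapd_flags=.*-h[[:space:]]*\"\([^\"]*\)\".*/\1/p" "$1" | tail -n 1
}

# Print the value of a slapd.conf directive (name matched case-insensitively,
# last occurrence kept; commented-out lines never match).
slapd_directive() {
    awk -v d="$1" 'tolower($1) == tolower(d) { v = $2 }
                   END { if (v != "") print v }' "$2"
}

# Return 0 only when an ldaps:// listener is requested, certificate and key
# are both configured, and an existing key file is closed to group and other.
check_ldaps() {
    rcconf=$1 slapdconf=$2 status=0
    case " $(slapd_listeners "$rcconf") " in
        *" ldaps://"*) ;;
        *) echo "no ldaps:// URL in slapd_flags -h"; status=1 ;;
    esac
    for d in TLSCertificateFile TLSCertificateKeyFile; do
        [ -n "$(slapd_directive "$d" "$slapdconf")" ] || {
            echo "$d is not set in $slapdconf"; status=1
        }
    done
    key=$(slapd_directive TLSCertificateKeyFile "$slapdconf")
    if [ -n "$key" ] && [ -e "$key" ]; then
        # Characters 5-10 of the ls mode string are the group/other bits.
        mode=$(ls -ld "$key" | cut -c5-10)
        [ "$mode" = "------" ] || {
            echo "$key is accessible to group or other"; status=1
        }
    fi
    return $status
}

# Run the check when called with the two file paths.
if [ "$#" -eq 2 ]; then
    check_ldaps "$1" "$2"
fi
```
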