On Tue, Mar 31, 2009 at 01:38:29PM -0700, Maria McKinley wrote: > Predrag Gavrilovic wrote: >
[snip]
> > Try stoping slapd, put certificate information in config file, and
> > start slapd manualy with debugging "slapd -u openldap -g openldap -h
> > ldapi:/// -d255". Are there more indicative error messages?
>
> Here is what I believe are the relevant lines
>
> TLS: could not set cipher list HIGH.
> main: TLS init def ctx failed: -1
maybe the cypher suite names have changed from openssl to gnutls,
another catch I have found is that gnutls doesn't support encrypted
private keys! I find this to be a pain, why use a private key if you
can't encrypt it - which is why I compile my own ldap libraries against
openssl
> slapd destroy: freeing system resources.
> slapd stopped.
> connections_destroy: nothing to destroy.
>
[snip]
>
> thanks for the help,
> maria
>
>
>
>
--
"I hope I--I don't want to sound like I've made no mistakes. I'm confident I
have. I just haven't--you just put me under the spot here, and maybe I'm not as
quick on my feet as I should be in coming up with one."
- George W. Bush
04/03/2004
Washington, DC
Press Conference - after being asked to name the biggest mistake he had made
signature.asc
Description: Digital signature
