Hi, Not a very important question, just a little puzzled by this... Is there a reason why the olcTLSCACertificateFile and olcTLSCertificateFile paths show up as encrypted in this cn=config search?
slapd 2.4.46 on Debian 9.5 (Stretch) ldapsearch -LLLQY EXTERNAL -H ldapi:/// -b 'cn=config' -s base dn: cn=config objectClass: olcGlobal cn: config olcArgsFile: /var/run/slapd/slapd.args olcLogLevel: stats olcLogLevel: sync olcPidFile: /var/run/slapd/slapd.pid olcServerID: 1 olcTLSCACertificateFile:: IC9ldGMvbGRhcC9zc2wvQ09NT0RPX0NBX2J1bmRsZS5jcnQ= olcTLSCertificateFile:: ICAgL2V0Yy9sZGFwL3NzbC9TVEFSX2JpY19tbmlfbWNnaWxsX2NhLmNydA== olcTLSCertificateKeyFile: /etc/ldap/ssl/STAR_bic_mni_mcgill_ca.key olcTLSCipherSuite: NORMAL olcTLSVerifyClient: allow olcToolThreads: 1 There is an extra ':' ... When I edit/display the cn=config with ldapvi (old fart here!) they show up as: olcTLSCACertificateFile:; /etc/ldap/ssl/COMODO_CA_bundle.crt olcTLSCertificateFile:; /etc/ldap/ssl/STAR_bic_mni_mcgill_ca.crt again, notice the ';' this time... Just curious! Thanks, jf
