Am 26.09.2018 um 22:11 schrieb Jean-Francois Malouin: > Hi> > Not a very important question, just a little puzzled by this... > Is there a reason why the olcTLSCACertificateFile and olcTLSCertificateFile > paths show up as encrypted in this cn=config search? > > slapd 2.4.46 on Debian 9.5 (Stretch) > > ldapsearch -LLLQY EXTERNAL -H ldapi:/// -b 'cn=config' -s base > dn: cn=config > objectClass: olcGlobal > cn: config > olcArgsFile: /var/run/slapd/slapd.args > olcLogLevel: stats > olcLogLevel: sync > olcPidFile: /var/run/slapd/slapd.pid > olcServerID: 1 > olcTLSCACertificateFile:: IC9ldGMvbGRhcC9zc2wvQ09NT0RPX0NBX2J1bmRsZS5jcnQ= > olcTLSCertificateFile:: > ICAgL2V0Yy9sZGFwL3NzbC9TVEFSX2JpY19tbmlfbWNnaWxsX2NhLmNydA== > olcTLSCertificateKeyFile: /etc/ldap/ssl/STAR_bic_mni_mcgill_ca.key > olcTLSCipherSuite: NORMAL > olcTLSVerifyClient: allow > olcToolThreads: 1 > > There is an extra ':' ... > > When I edit/display the cn=config with ldapvi (old fart here!) they show up > as: > > olcTLSCACertificateFile:; /etc/ldap/ssl/COMODO_CA_bundle.crt > olcTLSCertificateFile:; /etc/ldap/ssl/STAR_bic_mni_mcgill_ca.crt >
Hi, everything looks good, the "::" is a notation for base64 coding of values. Your filenames have spaces inside. You have no problems, if you want to check your Values # echo ICAgL2V0Yy9sZGFwL3NzbC9TVEFSX2JpY19tbmlfbWNnaWxsX2NhLmNydA== | base64 -d hth best regards Michael > again, notice the ';' this time... > > Just curious! > > Thanks, > jf >
