|
ldap:TLS directives error in cent os 6.3
[root@server ~]#Yum install openldap-servers openldap-clients
[root@server ~]#vi /etc/openldap/ldap.conf 17 BASE dc=server,dc=com 18 URI ldap://192.168.0.30 [root@server ~]#cp /usr/share/openldap-servers/slapd.conf.obsolete /etc/openldap/slapd.conf Cp:overwrite ‘/etc/openldap/slapd.conf’?y [root@server ~]#cp /usr/share/openldap-servers/DB_CONFIG.example /var/lib/ldap/DB_CONFIG Cp:overwrite ‘/var/lib/ldap/DB_CONFIG’?y [root@server ~]#slappasswd New password: Re-enter new password: {SSHA}v5LeT/Da8H2bChQxWae5FToNYE9J/TNJ [root@server ~]#vi /etc/openldap/slapd.conf :%s/dc=my-domain/dc=server/g 124 rootpw {SSHA}v5LeT/Da8H2bChQxWae5FToNYE9J/TNJ [root@server ~]#vi /root/root.ldif #root dn: dc=server,dc=com dc: server objectClass: dcObject onjectClass: organizationalUnit ou: server.com #staff dn: cn=root,ou=staff,dc=server,dc=com ou: staff cn: root objectClass: organizationalUnit [root@server ~]#rm –rf /etc/openldap/slapd.d/* [root@server ~]#slapadd –n 2 –l /root/root.ldif Performing database recovery to activate new settings _############################# 100.00% eta none elapsed none fast! Closing DB… [root@server ~]# slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d Config file testing succeeded [root@server ~]#chown –R ldap:ldap /var/lib/ldap [root@server ~]#chown –R ldap:ldap /etc/openldap/slapd.d [root@server ~]#chkconfig slapd on [root@server ~]#service slapd start Starting slapd: [OK] [root@server ~]#rm –rf /etc/openldap/slapd.d/* [root@server ~]# slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d Config file testing succeeded [root@server ~]#service slapd restart Stopping slapd: [OK] Starting slapd: [OK] [root@server ~]#cd /etc/pki/tls/certs [root@server ~]#rm slapd.pem rm: remove regular file ‘slapd.pem’?y [root@server certs]#make slapd.pem Country Name (2 letter code)[XX]:IT (similarly answer the next few questions) [root@server ~]# chown 650 slapd.pem [root@server certs]# chown :ldap slapd.pem [root@server certs]#ln -s /etc/pki/tls/certs/slapd.pem /etc/openldap/certs/slapd.pem [root@server certs]#vi /etc/sysconfig/ldap 16 SLAPD_LDAPS=yes [root@server certs]#vi /etc/openldap/slapd.conf 143 TLSCACertificateFile /etc/pki/tls/certs/ca-bundle.crt 144 TLSCertificateFile /etc/pki/tls/certs/slapd.pem 145 TLSCACertificateKeyFile /etc/pki/tls/certs/slapd.pem [root@server certs]#vi /etc/openldap/ldap.conf 19 TLS_CACERTDIR /etc/openldap/cacerts 20 TLS_REQCERT never [root@server certs]#rm –rf /etc/openldap/slapd.d/* [root@server /]# slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d /etc/openldap/slapd.conf: line 145: unknown directive <TLSCACertificateKeyFile> inside backend database definition. slaptest: bad configuration directory! im new to linux.when i am Creating a slapd.d Configuration Directory for an openldap Server with the command slaptest i was not able to..it results some bad configuration directory error...why?how to clear the error. |
Quote:
|
Quote:
|
Quote:
You need to tell us more than "some bad configuration", and "was not able to", how you created the slapd.d file, and what the exact command is you're running to test it. There is a how-to guide here: http://www.openldap.org/doc/admin23/quickstart.html read/follow it. Tell us where you're getting stuck, which command(s) you're running, etc. Without details, we can't help. |
Quote:
slaptest -f /etc/openldap/slapd.conf -F /etc/openldap/slapd.d this is the command i had been followed.. |
Quote:
Code:
SSLVerifyClient none |
Quote:
|
Quote:
|
| All times are GMT -5. The time now is 12:28 AM. |