On 3/5/07, Alexander Lopez <zepolar at gmail.com> wrote:
> Hi everybody
> I have set up my ldap server. But I created a certificate with the
> following command:
> cd /usr/share/ssl/certs; make ldap.pem
> Then edit slapd.conf file and insert the following lines:
> TLSCipherSuite HIGH:MEDIUM:+SSLv2
> TLSCACertificateFile /usr/share/ssl/certs/ldap.pem
> TLSCertificateFile /usr/share/ssl/certs/ldap.pem
> TLSCertificateKeyFile /usr/share/ssl/certs/ldap.pem
> I restart the service. Then, I run the command authconfig and I select ldap
> with tls. I review the logs; the ldap server has thrown the following:
> Mar 5 11:54:38 eucalipto slapd[711]: conn=13 fd=14 ACCEPT from
> IP=172.16.12.160:33935 (IP=0.0.0.0:389 )
> Mar 5 11:54:38 eucalipto slapd[711]: conn=13 op=0 STARTTLS
> Mar 5 11:54:38 eucalipto slapd[711]: conn=13 op=0 RESULT oid= err=0 text=
> Mar 5 11:54:39 eucalipto slapd[711]: conn=13 fd=14 closed (TLS negotiation
> failure)
> I need your help.

Add the following to /etc/openldap/ldap.conf

TLS_REQCERT allow

--
During times of universal deceit, telling the truth becomes a
revolutionary act.
George Orwell
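Added example, not part of the original thread: a Python script that correlates slapd log lines by `conn=` id to find sessions where STARTTLS was requested but the connection then closed with "TLS negotiation failure", as in the log quoted above. The conn=13 lines are the ones from the post with the e-mail wrapping undone; the conn=14 lines are constructed for contrast, and the function name `failed_starttls` is an assumption.

```python
import re

# conn=13: log lines from the post above, e-mail line wrapping undone.
# conn=14: constructed lines, added so the sample has a session that did not fail.
SAMPLE_LOG = """\
Mar 5 11:54:38 eucalipto slapd[711]: conn=13 fd=14 ACCEPT from IP=172.16.12.160:33935 (IP=0.0.0.0:389 )
Mar 5 11:54:38 eucalipto slapd[711]: conn=13 op=0 STARTTLS
Mar 5 11:54:38 eucalipto slapd[711]: conn=13 op=0 RESULT oid= err=0 text=
Mar 5 11:54:39 eucalipto slapd[711]: conn=13 fd=14 closed (TLS negotiation failure)
Mar 5 11:55:02 eucalipto slapd[711]: conn=14 fd=15 ACCEPT from IP=172.16.12.161:40112 (IP=0.0.0.0:389 )
Mar 5 11:55:02 eucalipto slapd[711]: conn=14 op=0 STARTTLS
Mar 5 11:55:03 eucalipto slapd[711]: conn=14 fd=15 closed
"""

# syslog prefix, then the slapd connection id and the rest of the message
LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s+[\d:]+)\s+\S+\s+slapd\[\d+\]:\s+"
    r"conn=(?P<conn>\d+)\s+(?P<rest>.*)$"
)
ACCEPT = re.compile(r"ACCEPT from IP=(?P<ip>\S+):(?P<port>\d+)")
CLOSED = re.compile(r"closed(?: \((?P<reason>[^)]*)\))?")


def failed_starttls(log_text):
    """Return one record per connection that requested STARTTLS and was
    then closed by slapd with 'TLS negotiation failure'."""
    conns = {}      # conn id -> state gathered so far
    failures = []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        state = conns.setdefault(m["conn"], {"client": None, "starttls": False})
        rest = m["rest"]
        if (a := ACCEPT.search(rest)):
            state["client"] = a["ip"]
        elif rest.endswith("STARTTLS"):
            state["starttls"] = True
        elif (c := CLOSED.search(rest)):
            if state["starttls"] and c["reason"] == "TLS negotiation failure":
                failures.append({"conn": int(m["conn"]),
                                 "client": state["client"],
                                 "closed_at": m["ts"]})
            del conns[m["conn"]]   # conn ids are reused after slapd restarts
    return failures


if __name__ == "__main__":
    for f in failed_starttls(SAMPLE_LOG):
        print(f"conn={f['conn']} client={f['client']} failed TLS at {f['closed_at']}")
```

The `RESULT ... err=0` line only acknowledges the STARTTLS request; the handshake happens afterwards, which is why the failure shows up on the `closed` line rather than in the result code.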