On 30.09.21 16:49, Gary Stainburn wrote: > [root at eddie ldap]# ldapmodify -Y EXTERNAL -H ldapi:/// -f certs.ldif > SASL/EXTERNAL authentication started > SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth > SASL SSF: 0 > modifying entry "cn=config" > ldap_modify: Other (e.g., implementation specific) error (80) > > [root at eddie ldap]# cat certs.ldif > dn: cn=config > changetype: modify > replace: olcTLSCertificateFile > olcTLSCertificateFile: /etc/openldap/certs/myldap.ringways.com.cert > > dn: cn=config > changetype: modify > replace: olcTLSCertificateKeyFile > olcTLSCertificateKeyFile: /etc/openldap/certs/myldap.ringways.com.key Try to swap the ldif order. See https://askubuntu.com/questions/936382/openldap-error-configuring-starttls-ldap-modify-other-e-g-implementation-sp Best regards Ulf