From owner-freebsd-questions@freebsd.org Mon Nov 4 12:19:17 2019 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A68F317F378 for ; Mon, 4 Nov 2019 12:19:17 +0000 (UTC) (envelope-from jerry@seibercom.net) Received: from mail-qt1-x831.google.com (mail-qt1-x831.google.com [IPv6:2607:f8b0:4864:20::831]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 476Bg83jDxz4NLH for ; Mon, 4 Nov 2019 12:19:16 +0000 (UTC) (envelope-from jerry@seibercom.net) Received: by mail-qt1-x831.google.com with SMTP id h2so10307051qto.1 for ; Mon, 04 Nov 2019 04:19:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=seibercom.net; s=google; h=date:from:to:subject:message-id:reply-to:organization:mime-version :content-transfer-encoding; bh=d1kItB9B6269/9RUY58U55I49sc/8isPG4Wr01IKB1U=; b=f4yECCnRtK4y4ont8OfvRGdoznGBu8iGMRcPcmimsyeDH247t4r7J+G4xXT3jN8aFE gs/n6p+mhRmeFi2aXruWFjtP9BNsdgXfRRTN3KRxnIuMJaUdkxwAXU5EnUK7rinAOIam CogOjNMme0/ww5v+jJPJdxor5+9BALJygCm7A= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:subject:message-id:reply-to :organization:mime-version:content-transfer-encoding; bh=d1kItB9B6269/9RUY58U55I49sc/8isPG4Wr01IKB1U=; b=tbB343Xfsg3sGWygaTYAh1Zj2rrqS0eYQf8VUzsSB9tN2XjpxYipMpbkGIMQMg87u9 Ah1zgU14BqTSjiWlSdbi1YjHG3hMkNlYir0+wGfyg2DX+lw66uT2OHps5C+Le8vHgUeY bPQIZhihJPgqL6Tao//tRrpfFzmnBFZUj8t3sUXIGLjjfzDEBgsCy8TnT6Jimmqc0Hpp d9seVmh7tZ+ZwUpAIWf497d2HBIKyZAApueDKn7hxQj8A32MNuEZnZOI+PZs0qRQqS7T 1oyfu5feG0V6lDxzMqxdcNaL6hu0afFjw+qYUFvaZq2NGCWQCEHZkn7UTtiMAEn+Mu8w /STw== X-Gm-Message-State: APjAAAVagZbtbk2cch+p2YHua3y6ouP5/UWXleImgfCvd7qJ7d0ZJgGm 777q89YxwTXJ1TdLuftN+sIVZzoaUAc= X-Google-Smtp-Source: APXvYqzc25sM6VstkH4YcV+9lJukUK8tcLu5T1yqTkXrHMpJMxcpZtOU9f/QTZnP/5tJE8M+kvcbMg== X-Received: by 2002:ac8:395a:: with SMTP id t26mr12326759qtb.22.1572869955052; Mon, 04 Nov 2019 04:19:15 -0800 (PST) Received: from scorpio.seibercom.net (cpe-174-109-225-250.nc.res.rr.com. [174.109.225.250]) by smtp.gmail.com with ESMTPSA id i189sm670341qkc.65.2019.11.04.04.19.14 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 04 Nov 2019 04:19:14 -0800 (PST) Received: from localhost (HP-ENVY [192.168.0.102]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: jerry@seibercom.net) by scorpio.seibercom.net (Postfix) with ESMTPSA id 476Bg52p9Yz5QHt for ; Mon, 4 Nov 2019 07:19:13 -0500 (EST) Date: Mon, 4 Nov 2019 07:19:11 -0500 From: Jerry To: freebsd-questions@freebsd.org Subject: openldap and letsencrypt Message-ID: <20191104071911.00005546@seibercom.net> Reply-To: freebsd-questions@freebsd.org Organization: seibercom.net X-Mailer: Claws Mail 3.17.4 (GTK+ 2.24.32; i686-w64-mingw32) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 476Bg83jDxz4NLH X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=pass header.d=seibercom.net header.s=google header.b=f4yECCnR; dmarc=none; spf=pass (mx1.freebsd.org: domain of jerry@seibercom.net designates 2607:f8b0:4864:20::831 as permitted sender) smtp.mailfrom=jerry@seibercom.net X-Spamd-Result: default: False [-0.25 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; HAS_REPLYTO(0.00)[freebsd-questions@freebsd.org]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; TO_DN_NONE(0.00)[]; HAS_ORG_HEADER(0.00)[]; RCVD_COUNT_THREE(0.00)[4]; DKIM_TRACE(0.00)[seibercom.net:+]; FROM_EQ_ENVFROM(0.00)[]; IP_SCORE(-2.75)[ip: (-9.28), ipnet: 2607:f8b0::/32(-2.37), asn: 15169(-2.03), country: US(-0.05)]; MIME_TRACE(0.00)[0:+]; RECEIVED_SPAMHAUS_PBL(0.00)[250.225.109.174.khpj7ygk5idzvmvt5x4ziurxhy.zen.dq.spamhaus.net : 127.0.0.10]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; MID_RHS_MATCH_FROM(0.00)[]; REPLYTO_EQ_TO_ADDR(5.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; R_DKIM_ALLOW(-0.20)[seibercom.net:s=google]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; DMARC_NA(0.00)[seibercom.net]; RCPT_COUNT_ONE(0.00)[1]; RCVD_IN_DNSWL_NONE(0.00)[1.3.8.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.b.8.f.7.0.6.2.list.dnswl.org : 127.0.5.0]; RCVD_TLS_ALL(0.00)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 04 Nov 2019 12:19:17 -0000 I am using 'openldap' with a FreeBSD 12 system. I would like to add TLS security to it using letsencrypt certificates which I am already using on my system. Can anyone point me to a good tutorial on how to accomplish this? I have found a lot of counter productive examples and none so far that pertain to FreeBSD. Thanks!