From owner-freebsd-questions@FreeBSD.ORG  Thu May  6 12:15:55 2010
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id A25271065670
	for <freebsd-questions@freebsd.org>;
	Thu,  6 May 2010 12:15:55 +0000 (UTC)
	(envelope-from f.bonnet@esiee.fr)
Received: from mx1.esiee.fr (mx1.esiee.fr [147.215.1.35])
	by mx1.freebsd.org (Postfix) with ESMTP id 675D48FC17
	for <freebsd-questions@freebsd.org>;
	Thu,  6 May 2010 12:15:55 +0000 (UTC)
Received: from mail.esiee.fr (mail.esiee.fr [147.215.1.3])
	by mx1.esiee.fr (Postfix) with ESMTP id C54BC136B56
	for <freebsd-questions@freebsd.org>;
	Thu,  6 May 2010 14:15:54 +0200 (CEST)
Received: from mail.esiee.fr (localhost [127.0.0.1])
	by VAMS.dummy (Postfix) with SMTP id AA3171054421
	for <freebsd-questions@freebsd.org>;
	Thu,  6 May 2010 14:15:54 +0200 (CEST)
Received: from lisa.esiee.fr (lisa.esiee.fr [147.215.1.21])
	by mail.esiee.fr (Postfix) with ESMTP id 814451054420
	for <freebsd-questions@freebsd.org>;
	Thu,  6 May 2010 14:15:54 +0200 (CEST)
Message-ID: <4BE2B2FA.1010900@esiee.fr>
Date: Thu, 06 May 2010 14:15:54 +0200
From: Frank Bonnet <f.bonnet@esiee.fr>
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US;
	rv:1.9.1.9) Gecko/20100415 Thunderbird/3.0.4
MIME-Version: 1.0
To: freebsd-questions <freebsd-questions@freebsd.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: LDAP and LDAPS on the same server ?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 06 May 2010 12:15:55 -0000

Hello

I actually have an Openldap directory server that runs on a FreeBSD box
at 8.0-RELEASE amd64

It runs nicely but I want to add LDAPS service on the SAME server.

Is it possible ? I have generated

cert.crt
cert.csr
cert.key

as instructed in the FreeBSD howto but when I add the following
lines in slapd.conf file it fails to restart

TLSCACertificateFile  /usr/local/etc/openldap/ssl/cert.crt
TLSCertificateFile    /usr/local/etc/openldap/ssl/cert.crt
TLSCertificateKeyFile /usr/local/etc/openldap/ssl/cert.key

in ldap.conf file I have the following

#
# LDAP Defaults
#

# See ldap.conf(5) for details
# This file should be world readable but not world writable.

BASE	dc=esiee,dc=fr
URI	ldap://ldap.esiee.fr ldaps://ldap.esiee.fr

#SIZELIMIT	12
#TIMELIMIT	15
#DEREF		never



What did I missed ?

Thanks for any help