Date: Thu, 06 May 2010 14:54:40 +0200 From: Frank Bonnet <f.bonnet@esiee.fr> To: Boris Samorodov <bsam@ipt.ru> Cc: freebsd-questions <freebsd-questions@freebsd.org> Subject: Re: LDAP and LDAPS on the same server ? Message-ID: <4BE2BC10.40301@esiee.fr> In-Reply-To: <07494512@bb.ipt.ru> References: <4BE2B2FA.1010900@esiee.fr> <07494512@bb.ipt.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On 05/06/10 14:34, Boris Samorodov wrote: > On Thu, 06 May 2010 14:15:54 +0200 Frank Bonnet wrote: > >> I actually have an Openldap directory server that runs on a FreeBSD box >> at 8.0-RELEASE amd64 > >> It runs nicely but I want to add LDAPS service on the SAME server. > >> Is it possible ? I have generated > >> cert.crt >> cert.csr >> cert.key > >> as instructed in the FreeBSD howto but when I add the following >> lines in slapd.conf file it fails to restart > >> TLSCACertificateFile /usr/local/etc/openldap/ssl/cert.crt >> TLSCertificateFile /usr/local/etc/openldap/ssl/cert.crt >> TLSCertificateKeyFile /usr/local/etc/openldap/ssl/cert.key > >> in ldap.conf file I have the following > >> # >> # LDAP Defaults >> # > >> # See ldap.conf(5) for details >> # This file should be world readable but not world writable. > >> BASE dc=esiee,dc=fr >> URI ldap://ldap.esiee.fr ldaps://ldap.esiee.fr > >> #SIZELIMIT 12 >> #TIMELIMIT 15 >> #DEREF never > >> What did I missed ? > > I'm not sure but maybe you should add the following line to > /etc/rc.conf[.local]: > ----- > slapd_flags='-h "ldap:/// ldaps:///"' > ----- > > Look at SLAPD(8C) for more details. > Cool ! it works , Thanks Boris :-)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4BE2BC10.40301>