[OT] Slapd TLS on Squeeze

To: Debian User <debian-user@lists.debian.org>
Subject: [OT] Slapd TLS on Squeeze
From: David Dumortier <d.dumortier@free.fr>
Date: Wed, 18 May 2011 09:48:24 +0200
Message-id: <[🔎] 20110518074824.GH7489@nowhere.eden>
Reply-to: David Dumortier <d.dumortier@free.fr>

Hi everybody,

I try to setup a slapd with TLS. I generated a self-signed certificate with
these options :
certtool --generate-privkey --outfile /etc/ldap/ssl/mykey.key
certtool --generate-request --load-privkey /etc/ldap/ssl/mykey.key --outfile
/etc/ldap/ssl/mycsr.csr

		Basic Constraints (critical):
			Certificate Authority (CA): TRUE
		Key Purpose (not critical):
			TLS WWW Client.
			TLS WWW Server.
			Code signing.
			OCSP signing.
			Time stamping.
		Key Usage (critical):
			Digital signature.
			Key encipherment.
			Certificate signing.
			CRL signing.

My slapd start but when I try a debug I have :
# gnutls-cli-debug -p 636 myip
Checking for TLS 1.1 support... no
Checking fallback from TLS 1.1 to... failed
Checking for TLS 1.0 support... no
Checking for SSL 3.0 support... no

Server does not support any of SSL 3.0, TLS 1.0 and TLS 1.1

Here is my slapd conf :
olcTLSVerifyClient: demand
olcTLSCertificateFile: /etc/ldap/ssl/mycsr.csr
olcTLSCertificateKeyFile: /etc/ldap/ssl/mykey.key

Any help would be appreciate

NB: I'm not subscribed, please cc me.
-- 
David Dumortier
d.dumortier@free.fr

Reply to:

Prev by Date: Re: Debian update/upgrade good practices?
Next by Date: Re: php5 gd imagerotate() function
Previous by thread: Re: SWF (Adobe Flash) support
Next by thread: Re: php5 gd imagerotate() function
Index(es):
- Date
- Thread