Re: slapd[5100]: connection_read(12): TLS accept error error=-1
On Fri, May 27, 2005 at 09:19:54PM +0200, Geert Stappers wrote:
> On Fri, May 27, 2005 at 09:17:39AM +0200, Ragnar Wisløff wrote:
<snip/>
> > Add to /etc/ldap/ldap.conf
> >
> > TLS_REQCERT allow
That was indeed the trick
(see below for more information)
> >
> > for each client you want to accept a self-signed certificate. If you want
> > nothing to do with certificates at all, then use
> >
> > TLS_REQCERT never
> >
> > man 5 ldap.conf gives you all the gory details.
>
> That did bring
> --- slapd.conf 2005/05/27 09:02:44 1.12
> +++ slapd.conf 2005/05/27 17:23:06 1.13
<snip/>
F-word!
slapd.conf != ldap.conf
>
> The problem presists ...
>
> My current clue is
>
> " You also should ensure that your TLS environment is sane through testing
> with openssl's s_client and s_server codes. "
That was interresting, but an irrelevant side track.
Thanks
Geert Stappers
Reply to: