[Pkg-openldap-devel] Bug#462588: Fails to start slapd ldaps:/// on upgrade
Alex Samad
alex at samad.com.au
Fri Jan 25 21:16:30 UTC 2008
Package: slapd
Version: 2.4.7-3+b1
Severity: grave
Justification: renders package unusable
Hi
I have a wokring 2.3.38-1+lenny1 slapd, these are the relevant TLS
config info
# CA information
TLSCACertificateFile /etc/ldap/ssl/ca-certificates.crt
#TLSCACertificatePath /etc/ldap/ssl/
TLSVerifyClient allow
#TLSVerifyClient demand
#TLSCipherSuite HIGH
TLSCipherSuite HIGH:MEDIUM:+SSLv3
TLSCRLCheck none
TLSCertificateFile
/etc/ldap/ssl/bGRhcC5zYW1hZC5jb20uYXU6Y2EuY29tLmF1OjpBLiBTYW1hZCBQdHkgTHRkOlN5ZG5leTpOU1c6QVU=.pem
TLSCertificateKeyFile
/etc/ldap/ssl/bGRhcC5zYW1hZC5jb20uYXU6Y2EuY29tLmF1OjpBLiBTYW1hZCBQdHkgTHRkOlN5ZG5leTpOU1c6QVU=.une.pem
upon upgrade slapd refused to start tls failure unable to set
TLSCipherSuite HIGH:MEDIUM:+SSLv2
The only way I could get slapd to start was to comment out
TLSCipherSuite
and then slapd would not accept any ldaps connections
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing'), (500, 'stable'), (100, 'unstable'), (50, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.22-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
More information about the Pkg-openldap-devel
mailing list