[Pkg-openldap-devel] Bug#658749: slaptest -f -F loses "TLSVerifyClient allow"
Sergio Gelato
Sergio.Gelato at astro.su.se
Sun Feb 5 19:21:12 UTC 2012
Package: slapd
Version: 2.4.23-7.2
When converting from the legacy slapd.conf to the new LDIF configuration
database format with
slaptest -f slapd.conf -F slapd.d
the setting
TLSVerifyClient allow
is lost, i.e. it does not appear in slapd.d/cn=config.ldif as desired.
To reproduce:
echo 'TLSVerifyClient allow' > slapd.conf
mkdir slapd.d
slaptest -f slapd.conf -F slapd.d
grep -i olcTLSVerifyClient slapd.d/cn=config.ldif
Fortunately one can fix this after the fact with ldapmodify.
Other possible values of TLSVerifyClient, including the default (never),
do show up in slapd.d/cn=config.ldif.
More information about the Pkg-openldap-devel
mailing list