1 |
Howard Chu wrote: |
2 |
> Fabian Steiner wrote: |
3 |
> > Of course, I don't want to hijack the OP's thread but as our problems |
4 |
> > seem to be rather similar I can also provide the corresponding slapd log: |
5 |
> |
6 |
> This looks like a simple configuration error; you have slapd configured to |
7 |
> require client certificates and the client didn't send one. Either you need |
8 |
> to configure the client with a certificate, or you need to relax the |
9 |
> requirement on the server. |
10 |
> [...] |
11 |
|
12 |
In fact, this was also our first assumption after having analyzed the output |
13 |
for the very first time but due to our configuration this should't happen: |
14 |
|
15 |
[...] |
16 |
TLSCertificateFile /etc/ssl-certs/ldap.crt |
17 |
TLSCertificateKeyFile /etc/ssl-certs/ldap.key |
18 |
TLSCACertificateFile /etc/ssl-certs/ca.crt |
19 |
TLSVerifyClient never |
20 |
[...] |
21 |
|
22 |
Moreover, this wouldn't explain why it /does/ work for some time (as far as |
23 |
our case is concerned it works as long as slapd isn't restarted). Once the |
24 |
problem has occured the server has to be rebooted in order to ensure a |
25 |
working setup again :-( |
26 |
|
27 |
Thanks, |
28 |
Fabian |
29 |
-- |
30 |
gentoo-user@g.o mailing list |