| 1 |
Howard Chu wrote: |
| 2 |
> Fabian Steiner wrote: |
| 3 |
> > Of course, I don't want to hijack the OP's thread but as our problems |
| 4 |
> > seem to be rather similar I can also provide the corresponding slapd log: |
| 5 |
> |
| 6 |
> This looks like a simple configuration error; you have slapd configured to |
| 7 |
> require client certificates and the client didn't send one. Either you need |
| 8 |
> to configure the client with a certificate, or you need to relax the |
| 9 |
> requirement on the server. |
| 10 |
> [...] |
| 11 |
|
| 12 |
In fact, this was also our first assumption after having analyzed the output |
| 13 |
for the very first time but due to our configuration this should't happen: |
| 14 |
|
| 15 |
[...] |
| 16 |
TLSCertificateFile /etc/ssl-certs/ldap.crt |
| 17 |
TLSCertificateKeyFile /etc/ssl-certs/ldap.key |
| 18 |
TLSCACertificateFile /etc/ssl-certs/ca.crt |
| 19 |
TLSVerifyClient never |
| 20 |
[...] |
| 21 |
|
| 22 |
Moreover, this wouldn't explain why it /does/ work for some time (as far as |
| 23 |
our case is concerned it works as long as slapd isn't restarted). Once the |
| 24 |
problem has occured the server has to be rebooted in order to ensure a |
| 25 |
working setup again :-( |
| 26 |
|
| 27 |
Thanks, |
| 28 |
Fabian |
| 29 |
-- |
| 30 |
gentoo-user@g.o mailing list |
Archives