rhel6: openldap server does not work with SSL/TLS after changing SSL/TLS configuration in the config tree

Solution Verified - Updated -

Issue

  • The openldap server does not work with SSL/TLS after changing the SSL/TLS configuration in the config tree
  • The openldap server does not work with SSL/TLS after olcTLSCertificateFile and olcTLSCertificateKeyFile are changed several times:
# cat /tmp/mod.ldif
dn: cn=config
changetype: modify
replace: olcTLSCertificateFile
olcTLSCertificateFile: /etc/openldap/cert.pem
-
replace: olcTLSCertificateKeyFile
olcTLSCertificateKeyFile: /etc/openldap/cert.key
-
# ldapmodify -x -f /tmp/mod.ldif -D cn=config -w secret
# ldapsearch -x -H ldaps://127.0.0.1 -D "cn=Manager,dc=my-domain,dc=com" -w "secret" -b "dc=my-domain,dc=com" "*"
success
# ldapmodify -x -f /tmp/mod.ldif -D cn=config -w secret
# ldapsearch -x -H ldaps://127.0.0.1 -D "cn=Manager,dc=my-domain,dc=com" -w "secret" -b "dc=my-domain,dc=com" "*"
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)

Environment

  • Red Hat Enterprise Linux (RHEL) 6
  • openldap 2.4
