Red Hat Bugzilla – Bug 166462
OpenLDAP TLS configuration could be easier
Last modified: 2014-08-31 19:27:49 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux ppc; en-US; rv:1.7.11) Gecko/20050815 Epiphany/1.7.4
Description of problem:
The OpenLDAP package requires OpenSSL but could make configuring a TLS server easier.
First, slapd.conf contains:
# TLSCACertificateFile /usr/share/ssl/certs/ca-bundle.crt
# TLSCertificateFile /usr/share/ssl/certs/slapd.pem
# TLSCertificateKeyFile /usr/share/ssl/certs/slapd.pem
This should be:
# TLSCACertificateFile /etc/pki/tls/certs/ca-bundle.crt
# TLSCertificateFile /etc/pki/tls/certs/slapd.pem
# TLSCertificateKeyFile /etc/pki/tls/certs/slapd.pem
Second, Apache's mod_ssl package creates a TLS certificate when it is installed. Should OpenLDAP do the same? Should the OpenLDAP provide a TLS-protected service out of the box?
Version-Release number of selected component (if applicable):
Steps to Reproduce:
*** This bug has been marked as a duplicate of 143394 ***
Whoops Wrong bug number. Must be monday. . .
*** This bug has been marked as a duplicate of 143393 ***