Bug 166462 - OpenLDAP TLS configuration could be easier
Summary: OpenLDAP TLS configuration could be easier
Keywords:
Status: CLOSED DUPLICATE of bug 143393
Alias: None
Product: Fedora
Classification: Fedora
Component: openldap
Version: rawhide
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Jay Fenlason
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-08-22 00:00 UTC by W. Michael Petullo
Modified: 2014-08-31 23:27 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed: 2005-08-22 17:59:30 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description W. Michael Petullo 2005-08-22 00:00:44 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux ppc; en-US; rv:1.7.11) Gecko/20050815 Epiphany/1.7.4

Description of problem:
The OpenLDAP package requires OpenSSL but could make configuring a TLS server easier.

First, slapd.conf contains:

# TLSCACertificateFile /usr/share/ssl/certs/ca-bundle.crt
# TLSCertificateFile /usr/share/ssl/certs/slapd.pem
# TLSCertificateKeyFile /usr/share/ssl/certs/slapd.pem

This should be:

# TLSCACertificateFile /etc/pki/tls/certs/ca-bundle.crt
# TLSCertificateFile /etc/pki/tls/certs/slapd.pem
# TLSCertificateKeyFile /etc/pki/tls/certs/slapd.pem

Second, Apache's mod_ssl package creates a TLS certificate when it is installed.  Should OpenLDAP do the same?  Should the OpenLDAP provide a TLS-protected service out of the box?

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
See description.  

Additional info:
Comment 1 Jay Fenlason 2005-08-22 17:59:30 UTC 

*** This bug has been marked as a duplicate of 143394 ***
Comment 2 Jay Fenlason 2005-08-22 18:08:57 UTC 
Whoops  Wrong bug number.  Must be monday. . . 

*** This bug has been marked as a duplicate of 143393 ***
Note You need to log in before you can comment on or make changes to this bug.