Forum ‹‹ Linux Mail Server Setup and Howto Guide

setupssl2.sh

Page: 1

Reply to Post

Add a New Topic

User

Post

4:40 pm
June 27, 2010

ImNtReal

Member

posts 4

Quote and Reply

Print this Post

I've been struggling to get 389-Directory Server running with SSL on a Fedora 13 box. I tried to manually set one up, and eventually found this how-to. It all seems to be working, except for the end of the setupssl2.sh script, I get:

ldapmodify: invalid format (line 11) entry: "cn=encryption,cn=config"

After this, when I look at the Encryption tab for my directory server, under configuration SSL is not enabled. Previously, I tried to enable it, but then the server would no longer start as the SSL setup wasn't complete.

Is there any way to manually complete the last steps of the server without using ldapmodify?

Thanks,

=-Jameson

4:43 pm
June 27, 2010

ImNtReal

Member

posts 4

Quote and Reply

Print this Post

I take that back. When I re-ran the install and used setupssl2.sh from a clean install, I still got the error, but after manually enabling encryption, it seems to be working. Now, I just need to make sure the cert is in the right place for system autentication.

4:51 pm
June 27, 2010

ImNtReal

Member

posts 4

Quote and Reply

Print this Post

Unfortunately, when I run a ldapsearch, now, I get:

ldap_start_tls: Can't contact LDAP server (-1)
additional info: TLS: hostname does not match CN in peer certificate

1:59 pm
July 12, 2010

ImNtReal

Member

posts 4

Quote and Reply

Print this Post

Ok… I finailly realized that I can't have my ldap.conf file pointing to 127.0.0.1 if my cert uses my FQDN. Now, the scary part: Switching system authentication to use LDAP with TLS.

8:31 am
July 13, 2010

consultant