main: TLS init def ctx failed: -1
Fredrik Unger
fred at ludd.ltu.se
Wed Nov 24 14:50:07 CET 2010
Hi,
I am setting up a openldap deamon (slapd) on a Debian Squeeze box.
Debian is using gnutls.
When using a certificate that works on an older Debian installation
where openssl was linked to openldap it works.
Using the same certificate in the gnutls version results in
main: TLS init def ctx failed: -1
and the server fails to start.
Using ldap with -d -1 (most debug information) nothing new is
provided that can help resolve the issue.
The certificate is created with openssl.
It has an encrypted key, but I have also tried it with
an unencrypted key. Same results.
The permissions are ok for the certificate and key.
What can I do more to figure out what is wrong?
certtool -i < cert.pem
shows information like :
Subject Public Key Algorithm: RSA
Signature Algorithm: RSA-SHA
I have tried setting TLSCipherSuite, but to no avail. Not sure what I
would set it to.
According to http://wiki.debian.org/LDAP/OpenLDAPSetup
"NOTE: On Debian Squeeze openldap is linked with gnutls as well, but
works just fine with certificate generated by openssl. "
But that does not seems to be the case for me.
Any pointers or information on how I should set up the certificate to
start the slapd deamon ?
/Fred
More information about the Gnutls-help
mailing list