Stefan Hornburg (Racke)
Open LDAP with SSL on Debian
First of all create a self-signed certificate by following the instructions at http://www.eclectica.ca/howto/ssl-cert-howto.php. I copied the private key and the certificates to /etc/ldap. Please make sure that the
private key is only readable by root.
Next add the following lines to /etc/ldap/slapd.conf:
TLSCaCertificateFile /etc/ldap/cacert.pem TLSCertificateFile /etc/ldap/cert.pem TLSCertificateKeyFile /etc/ldap/cert.key
Finally make sure that the LDAP server is listening at the ldaps port (636) by editing /etc/default/slapd
and restarting the LDAP server.
SLAPD_SERVICES="ldap://127.0.0.1:389/ ldaps:/// ldapi:///"