doc:appunti:linux:sa:sldap_2_5
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
doc:appunti:linux:sa:sldap_2_5 [2023/12/02 11:45] – [Migrazione da HDB a MDB] niccolo | doc:appunti:linux:sa:sldap_2_5 [2023/12/02 12:31] (current) – [Enable SSL] niccolo | ||
---|---|---|---|
Line 42: | Line 42: | ||
Reading the dump of database #0, you can see that the **cn=config** database has the **olcRootDN: | Reading the dump of database #0, you can see that the **cn=config** database has the **olcRootDN: | ||
+ | |||
+ | ===== Enable SSL ===== | ||
+ | |||
+ | Create a self signed certificate or get it from some provider, like **[[https:// | ||
+ | |||
+ | Create the following file **config-ssl.ldif**: | ||
+ | |||
+ | < | ||
+ | dn: cn=config | ||
+ | changetype: modify | ||
+ | replace: olcTLSCertificateFile | ||
+ | olcTLSCertificateFile: | ||
+ | - | ||
+ | replace: olcTLSCertificateKeyFile | ||
+ | olcTLSCertificateKeyFile: | ||
+ | - | ||
+ | replace: olcTLSCACertificatePath | ||
+ | olcTLSCACertificatePath: | ||
+ | </ | ||
+ | |||
+ | and load it into the slapd 2.5 configuration: | ||
+ | |||
+ | < | ||
+ | ldapmodify -Y EXTERNAL -H ldapi:/// -f config-ssl.ldif | ||
+ | </ | ||
+ | |||
+ | Enable ldaps into **/ | ||
+ | |||
+ | < | ||
+ | SLAPD_SERVICES=" | ||
+ | </ | ||
+ | |||
+ | Restart the slapd service. | ||
===== Adding a second (new) database ===== | ===== Adding a second (new) database ===== | ||
Line 232: | Line 265: | ||
<code bash> | <code bash> | ||
ldapsearch -W \ | ldapsearch -W \ | ||
- | -H ldap:// | + | -H ldap:// |
-D " | -D " | ||
-b ' | -b ' |
doc/appunti/linux/sa/sldap_2_5.txt · Last modified: 2023/12/02 12:31 by niccolo