Paulie's world in a blog

  • August 8, 2015

OpenLDAP + TLS in Solaris 11

Guest Author
This blog post is a follow-up to Configuring a Basic LDAP Server + Client in Solaris 11. It covers creating a self-signed certificate and enabling TLS for secure communication.

1) Create certificates
# mkdir /etc/openldap/certs
# cd /etc/openldap/certs
# openssl req -x509 -nodes -days 3650 -newkey rsa:2048 \
-keyout server.key -out server.crt
# chmod 400 server.*
# chown openldap:openldap server.*

2) Update slapd.conf
Add the following lines to the end of /etc/openldap/slapd.conf:
TLSCACertificateFile /etc/certs/ca-certificates.crt
TLSCertificateFile /etc/openldap/certs/server.crt
TLSCertificateKeyFile /etc/openldap/certs/server.key

3) Restart LDAP server
# svcadm disable ldap/server
# svcadm enable ldap/server

That's it! Connect to your LDAP server on port 389. On that port TLS is negotiated with StartTLS, so clients have to request it.
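A check worth running on the step 1 files before the restart in step 3, as an added example that is not part of the original post: it confirms that server.crt was issued for server.key, that the key is readable only by its owner, that the certificate is not about to expire, and that it names the host clients will connect to. The function names and the host name ldap.example.test are hypothetical, and openssl 1.0.2 or later is assumed for -checkhost.

```shell
#!/bin/sh
# Added example: sanity checks on the step 1 certificate pair.
# Assumptions: openssl 1.0.2+ on PATH; function names are hypothetical.
# Usage: check_ldap_tls /etc/openldap/certs/server.crt \
#            /etc/openldap/certs/server.key ldap.example.test

# True when the certificate's public key is the one derived from the private key.
pair_matches() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 1
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# True when the key grants nothing to group or other (chmod 400 shows -r--------).
key_is_private() {
    [ "$(ls -ld "$1" 2>/dev/null | cut -c5-10)" = "------" ]
}

# True when the certificate is still valid $2 days from now.
valid_for_days() {
    openssl x509 -in "$1" -noout -checkend $(( $2 * 86400 )) >/dev/null 2>&1
}

# True when the host name clients use in their ldap:// URI matches the certificate.
names_host() {
    openssl x509 -in "$1" -noout -checkhost "$2" 2>/dev/null |
        grep "does match" >/dev/null
}

# Runs every check, prints one line per failure, returns the number of failures.
check_ldap_tls() {
    fails=0
    pair_matches "$1" "$2" ||
        { echo "FAIL: $1 was not issued for $2"; fails=$((fails + 1)); }
    key_is_private "$2" ||
        { echo "FAIL: $2 is accessible beyond its owner"; fails=$((fails + 1)); }
    valid_for_days "$1" 30 ||
        { echo "FAIL: $1 expires within 30 days"; fails=$((fails + 1)); }
    names_host "$1" "$3" ||
        { echo "FAIL: $1 does not name $3"; fails=$((fails + 1)); }
    return "$fails"
}
```

The name check is the one most often failed with the interactive openssl req in step 1: the Common Name entered at the prompt has to be the host name clients use, or certificate verification fails on the client side.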
