So I'm trying to get an LDAP server with an SSL certificate running. I need to change the config by changing cn=config with ldapmodify and therefore cannot use a slapd.conf. It was quite hard finding proper guides on how to set it up with this... I'm relatively new to Linux...
Currently the slapd server is not starting and neither a systemctl status nor a journalctl had any information.
I think the problem is that for the SSL certificate I generated a key, so 2 .pem files, one as the cert and one as the key, and then I ran
sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f ldap.ldif
to load the config. Content of ldap.ldif:
dn: cn=config
changetype: modify
add: olcTLSCertificateFile
olcTLSCertificateFile: /etc/ldap/ssl/ldapcert.pem
-
add: olcTLSCertificateKeyFile
olcTLSCertificateKeyFile: /etc/ldap/ssl/keys/ldapkey.pem
-
add: olcTLSCipherSuite
olcTLSCipherSuite: TLSv1+RSA:!NULL
-
add: olcTLSVerifyClient
olcTLSVerifyClient: never
I had a typo in this file when I loaded it, and then the problem arose. My question is: how can I load the new (without typo) ldap.ldif file to the slapd server when it's shut down? When trying to run ldapmodify it says that it cannot make a connection to the LDAP server, which makes sense when it's offline.
To get more information when I try to start the server I ran the following command
/usr/sbin/slapd -h "ldapi:/// ldap://:7389/ ldaps://:7636/" -d -1
and got some more information: (part of the output)
daemon: bind(8) failed errno=98 (Address already in use)
slap_open_listener: failed on ldapi:///
slapd stopped.
connections_destroy: nothing to destroy.
But I don't know what to do with this information and I didn't find similar problems on the internet.
I hope someone can help me!
Greetings, Jonas