Problem Statement:
If you delete your certificates and forget to disable encryption on your
LDAP server, the directory server will not start the next time you
restart it.
Resolution:
Here’s how it looks:
bash-2.05# ./start-slapd
Enter PIN for Internal (Software) Token:
Server not running!! Failed to start ns-slapd process.
tail
[24/Apr/2004:12:31:48 -0700] - Sun-ONE-Directory/5.2 B2003.143.0020 (32-bit) starting up
[24/Apr/2004:12:31:48 -0700] - WARNING<4753> - SSL - conn=-1 op=-1 msgId=-1 - Security Initialization: Can't find certificate (server-cert) for family cn=RSA,cn=encryption,cn=config (error -5978 - Network file descriptor is not connected.)
[24/Apr/2004:12:31:48 -0700] - WARNING<4754> - SSL - conn=-1 op=-1 msgId=-1 - Security Initialization: Unable to retrieve private key for cert server-cert of family cn=RSA,cn=encryption,cn=config (error -5978 - Network file descriptor is not connected.)
[24/Apr/2004:12:31:48 -0700] - ERROR<4756> - SSL - conn=-1 op=-1 msgId=-1 - None of the cipher are valid.
[24/Apr/2004:12:31:48 -0700] - DEBUG - conn=-1 op=-1 msgId=-1 - SSL socket import or configuration failed.
[24/Apr/2004:12:31:48 -0700] - DEBUG - conn=-1 op=-1 msgId=-1 - Failed to init daemon
To fix this, open the
nsslapd-security: on
to:
nsslapd-security: off
Then, restart the directory server.
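Added example, not part of the original article: a Python check that scans a directory server error log for the startup signature shown above (certificate not found, private key not retrievable, then "Failed to init daemon") and reports which certificate nickname the encryption configuration still references. The sample log is constructed from the entries on this page; the function name and result fields are assumptions of this example.

```python
import re

# Constructed sample: the error-log entries shown on this page, one per line.
SAMPLE_LOG = """\
[24/Apr/2004:12:31:48 -0700] - Sun-ONE-Directory/5.2 B2003.143.0020 (32-bit) starting up
[24/Apr/2004:12:31:48 -0700] - WARNING<4753> - SSL - conn=-1 op=-1 msgId=-1 - Security Initialization: Can't find certificate (server-cert) for family cn=RSA,cn=encryption,cn=config (error -5978 - Network file descriptor is not connected.)
[24/Apr/2004:12:31:48 -0700] - WARNING<4754> - SSL - conn=-1 op=-1 msgId=-1 - Security Initialization: Unable to retrieve private key for cert server-cert of family cn=RSA,cn=encryption,cn=config (error -5978 - Network file descriptor is not connected.)
[24/Apr/2004:12:31:48 -0700] - ERROR<4756> - SSL - conn=-1 op=-1 msgId=-1 - None of the cipher are valid.
[24/Apr/2004:12:31:48 -0700] - DEBUG - conn=-1 op=-1 msgId=-1 - SSL socket import or configuration failed.
[24/Apr/2004:12:31:48 -0700] - DEBUG - conn=-1 op=-1 msgId=-1 - Failed to init daemon
"""

DASH = r"\s+[-\u2013]\s+"  # accept "-" and the en dash that web pages substitute
ENTRY = re.compile(r"^\[(?P<ts>[^\]]+)\]" + DASH + r"(?:[A-Z]+(?:<\d+>)?" + DASH + r")?(?P<msg>.*)$")
CERT = re.compile(r"Can.t find certificate \((?P<nick>[^)]+)\) for family (?P<family>\S+)")
KEY = re.compile(r"Unable to retrieve private key for cert (?P<nick>\S+) of family")

def diagnose(log_text):
    """Return one finding per startup attempt that died because a configured cert is gone."""
    findings, cur = [], None
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        msg = m["msg"]
        if msg.endswith("starting up"):  # a new startup attempt begins here
            cur = {"started": m["ts"], "missing_certs": [], "missing_keys": [], "fatal": False}
            findings.append(cur)
        elif cur is None:
            continue  # entry precedes any startup banner; nothing to attach it to
        elif (c := CERT.search(msg)):
            cur["missing_certs"].append((c["nick"], c["family"]))
        elif (k := KEY.search(msg)):
            cur["missing_keys"].append(k["nick"])
        elif "Failed to init daemon" in msg:
            cur["fatal"] = True
    # Only report attempts where the missing certificate actually stopped the daemon.
    return [f for f in findings if f["fatal"] and f["missing_certs"]]

if __name__ == "__main__":
    for f in diagnose(SAMPLE_LOG):
        for nick, family in f["missing_certs"]:
            print(f"{f['started']}: encryption is on but certificate '{nick}' ({family}) is missing")
```

A finding means the configuration still has `nsslapd-security: on` while the certificate it names is no longer available to the server.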