Charlie Mordant wrote: > However, Apache configuration test tells that syntax is ok It's not an Apache configuration problem. It has to do with LDAP AFAICT. I'd check your 389-ds access and error logs to see if there is a bind. The error 4 is rather generic and used in a number of places. If I'm reading the code right it can mean one of: 1. Invalid credentials 2. Invalid DN syntax 3. something else, a catch-all. But you should probably see a connect and hopefully a bind request and the LDAP error from that should tell you more about what is going on. rob > > 2015-01-05 19:15 GMT+01:00 Charlie Mordant <cmordant1@xxxxxxxxx > <mailto:cmordant1@xxxxxxxxx>>: > > Hi contact experts! > > I’m trying to make a future OSS contribution making an OPSCode Chef > recipe to install a secure LDAP. > > I (barely) migrate and use > the https://github.com/richm/scripts/blob/master/setupssl2.sh#L238 shell > to secure a provisionned LDAP, but while executed, restarting > dirsrv-admin led me to an error: > [code] > [Sat Jan 03 18:19:36.940462 2015] [:info] [pid 8266:tid > 140486247127104] Server: Apache/2.4.6, Interface: mod_nss/2.4.6, > Library: NSS/3.15.2 Basic ECC > [Sat Jan 03 18:19:36.940490 2015] [:debug] [pid 8266:tid > 140486247127104] mod_admserv/mod_admserv.c(2467): Entering > mod_admserv_post_config - pid is [8266] init count is [0] > [Sat Jan 03 18:19:36.940495 2015] [:debug] [pid 8266:tid > 140486247127104] mod_admserv/mod_admserv.c(2295): Entering > do_admserv_post_config - pid is [8266] > [Sat Jan 03 18:19:36.940498 2015] [:debug] [pid 8266:tid > 140486247127104] mod_admserv/mod_admserv.c(2303): Entering > do_admserv_post_config - init count is [1] > [Sat Jan 03 18:19:36.940506 2015] [:debug] [pid 8266:tid > 140486247127104] mod_admserv/mod_admserv.c(2327): [8266] Cache > expiration set to 600 seconds > [Sat Jan 03 18:19:36.943993 2015] [:debug] [pid 8266:tid > 140486247127104] mod_admserv/mod_admserv.c(2431): Added > StartConfigDs task entry > [cn=startconfigds,cn=operation,cn=tasks,cn=admin-serv-contacts,cn=389 administration > server,cn=server group,cn=contacts.osgiliath.is-a-chef.net > <http://contacts.osgiliath.is-a-chef.net>,ou=osgiliath.is-a-chef.net > <http://osgiliath.is-a-chef.net>,o=netscaperoot:start_config_ds:] > for user [LocalSuper] > [Sat Jan 03 18:19:36.945579 2015] [:info] [pid 8266:tid > 140486247127104] host_ip_init(): problem creating secure AdmldapInfo > (error code = 4) > [Sat Jan 03 18:19:36.945670 2015] [:crit] [pid 8266:tid > 140486247127104] host_ip_init(): PSET failure: Failed to create PSET > handle (pset error = ) > AH00016: Configuration Failed > [Sat Jan 03 18:19:36.956655 2015] [:info] [pid 8266:tid > 140486247127104] Shutting down SSL Session ID Cache > [/code] > > Using certutil to list certificates looks good, restarting the > (main) ldap is OK. > > Have you got any clue to debug/find the source of the error? > > Best regards, > > Charlie > -- > > Charlie Mordant > Full OsgiEE like > stack: https://github.com/OsgiliathEnterprise/net.osgiliath.parent > > > > > -- > Charlie Mordant > > Full OSGI/EE stack made with Karaf: > https://github.com/OsgiliathEnterprise/net.osgiliath.parent > > > -- > 389 users mailing list > 389-users@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/389-users > -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
