OpenLDAP error configuring StartTLS: ldap_modify: Other (e.g., implementation specific) error (80)
I solved this problem by changing the order in the file.ldif like this:
# Set the private key first.
dn: cn=config
changetype: modify
replace: olcTLSCertificateKeyFile
olcTLSCertificateKeyFile: /etc/openldap/certs/your_key

# Then set the certificate, as a separate record.
dn: cn=config
changetype: modify
replace: olcTLSCertificateFile
olcTLSCertificateFile: /etc/openldap/certs/your_certificate
and then I ran the command
ldapmodify -Y EXTERNAL -H ldapi:/// -f your_file.ldif
Make sure that there is an ACL that makes root eligible to make changes when authenticating with a SASL bind.
To make sure that changes have been done, run this command
ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config | grep olcTLS
I had the same problem.
Certificates were stored in /opt/local/cert.
You must add this directory to the list of the resolved files in /etc/apparmor.d/local/usr.sbin.slapd:
/opt/local/cert/ r,
/opt/local/cert/* r,
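A check for the AppArmor case in the answer above, as an added example that is not part of the original posts: it reads a local profile file and reports whether a plain `PATH PERMS,` rule grants read on a given certificate or key path, which shows that the `*` rule does not reach files in subdirectories. The function name `apparmor_allows_read` and the sample file names are assumptions; only the `*`, `**` and `?` globs are interpreted, and `deny` or `owner` rules are not handled.

```shell
#!/bin/sh
# apparmor_allows_read PROFILE_FILE TARGET_PATH   (hypothetical helper name)
# Exit 0 if a plain "PATH PERMS," rule in PROFILE_FILE grants read on TARGET_PATH.
apparmor_allows_read() {
    awk -v target="$2" '
    # Translate an AppArmor path glob into an anchored regular expression.
    function glob2re(g,    i, c, re) {
        re = "^"
        for (i = 1; i <= length(g); i++) {
            c = substr(g, i, 1)
            if (c == "*") {
                if (substr(g, i + 1, 1) == "*") { re = re ".*"; i++ }  # ** crosses "/"
                else re = re "[^/]*"                  # * stays inside one directory
            } else if (c == "?") re = re "[^/]"       # ? is one character, never "/"
            else if (index("\\.+(){}|^$[]", c) > 0) re = re "\\" c   # taken literally
            else re = re c
        }
        return re "$"
    }
    { sub(/#.*/, ""); sub(/,[ \t]*$/, "") }   # drop comments and the trailing comma
    NF == 2 && $1 ~ /^\// && $2 ~ /r/ {       # "PATH PERMS" where PERMS includes r
        if (target ~ glob2re($1)) { found = 1; exit }
    }
    END { exit !found }
    ' "$1"
}

# Constructed sample: the two rules from the answer, written to a temporary file.
sample=$(mktemp)
printf '%s\n' '/opt/local/cert/ r,' '/opt/local/cert/* r,' > "$sample"
for p in /opt/local/cert/server.key /opt/local/cert/private/server.key; do
    if apparmor_allows_read "$sample" "$p"; then
        echo "allowed: $p"
    else
        echo "not covered: $p"
    fi
done
rm -f "$sample"
```

Changes to the local profile file take effect only after the slapd profile is reloaded.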