我正在尝试使用 Let's Encrypt 配置 LDAPS,但一直收到此错误:ldap_modify:其他(例如,特定于实现)错误(80)
我正在使用 Ubuntu 22.04
证书权限
root@LDAPS:~/.acme.sh/ldaps.example.net_ecc# ls -l
total 45
-rw-r--r-- 1 root root 2668 Jul 30 23:09 ca.cer
-rw-r--r-- 1 openldap openldap 4120 Jul 30 23:09 fullchain.cer
-rw-r--r-- 1 openldap openldap 1452 Jul 30 23:09 ldaps.example.net.cer
-rw-r--r-- 1 root root 582 Jul 30 23:09 ldaps.example.net.conf
-rw-r--r-- 1 root root 473 Jul 30 23:07 ldaps.example.net.csr
-rw-r--r-- 1 root root 189 Jul 30 23:07 ldaps.example.net.csr.conf
-rw------- 1 openldap openldap 227 Jul 30 23:07 ldaps.example.net.key
-rw-r--r-- 1 root root 429 Jul 30 23:20 tls.ldif
tls.ldif 的内容
dn: cn=config
changetype: modify
replace: olcTLSCACertificateFile
olcTLSCACertificateFile: /root/.acme.sh/ldaps.example.net_ecc/fullchain.cer
-
replace: olcTLSCertificateFile
olcTLSCertificateFile: /root/.acme.sh/ldaps.example.net_ecc/ldaps.example.net.cer
-
replace: olcTLSCertificateKeyFile
olcTLSCertificateKeyFile: /root/.acme.sh/ldaps.example.net_ecc/ldaps.example.net.key
-
replace: olcTLSVerifyClient
olcTLSVerifyClient: never
装甲
nano /etc/apparmor.d/local/usr.sbin.slapd
/root/.acme.sh/ldaps.example.net_ecc/ r,
/root/.acme.sh/ldaps.example.net_ecc/ * r