I am trying to figure out how to make the nlpd to use a listener
certificate that was created specifically for the DNS name of the server
it is running on, and not the one that is exported by nlpexportcert from
one of the backend eDir servers. It does not seem to work when


where nlpd.pem contains both the server key and the certificate in it.
The error message that is logged in nlpd.log is:

Stopping proxy service... reason=0x81510101

which is:

Cause: TLS initialization failed either because of the back-end server
or the client.
Action: Check for correct TLS/SSL certificates and their permissions and
if they are present in the locations specified in the configuration.

Not sure if this is possible, but would appreciate any ideas.

ablovatskia's Profile: https://forums.netiq.com/member.php?userid=288
View this thread: https://forums.netiq.com/showthread.php?t=48538