Anyone get openldap 2.x and ssl/tls to work? I'd like to force the ssl/tls stuff on the client side. I'm running openldap 2.0.21-1 and openssl-0.9.6b-8.

Questions:

1. Do I need to recompile openldap to enable TLS support? I just installed the 2.0.21-1 rpms.

2. Which values do I need to set in ldap.conf on the clients? I have:

    ssl start_tls
    ssl on

   Anything else I need to specify?

3. I added the following to my slapd.conf:

    TLSCertificateFile /etc/openldap/server.pem
    TLSCertificateKeyFile /etc/openldap/server.pem
    TLSCACertificateFile /etc/openldap/server.pem

   Anything else I need here?

I've searched for documentation on this topic but haven't found a lot. The FAQ at openldap.org indicates SSL/TLS support isn't well tested (http://www.openldap.org/faq/index.cgi?_highlightWords=ssl&file=185).

Note: everything works using just port 389 (non-ssl). I'm testing by running slapd with just ldaps:/// and just using a simple ldapsearch -H ldaps:///

Thank you.

--
Amy Tanner
amy at real-time.com