Renew ldap ssl certificate

If your certificates come from Let's Encrypt, you can use the following file, named olcSSL.ldif:

# Each modification in the record is separated by a line containing only "-".
dn: cn=config
changetype: modify
replace: olcTLSCACertificateFile
olcTLSCACertificateFile: /etc/letsencrypt/live/
-
replace: olcTLSCertificateKeyFile
olcTLSCertificateKeyFile: /etc/letsencrypt/live/
-
replace: olcTLSCertificateFile
olcTLSCertificateFile: /etc/letsencrypt/live/

To apply the file, run:

ldapmodify -Y EXTERNAL -H ldapi:/// -f olcSSL.ldif
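
A pre-flight check for olcSSL.ldif before it is applied, as an added example that is not part of the original wiki page: it reports operations in a modify record that are not separated by a "-" line, values that belong to a different attribute than the operation names, and olcTLS*File values that end in a directory rather than a file. The function and sample names are hypothetical, and the sample record is constructed.

```shell
#!/bin/sh
# Added example, not from the wiki page: lint an LDIF "changetype: modify"
# record before sending it to cn=config. Prints one line per problem and
# returns 0 when clean, 1 otherwise. Reads files given as arguments, or stdin.
lint_ldif_modify() {
    awk '
    function fail(msg) { printf "line %d: %s\n", NR, msg; bad = 1 }
    /^#/ || /^ / { next }               # comment or continuation line
    /^$/ || /^-$/ { inop = 0; next }    # end of record, or end of one operation
    /^(add|delete|replace):/ {
        if (inop) fail("missing \"-\" line before \"" $0 "\"")
        attr = $0; sub(/^[a-z]+: */, "", attr); attr = tolower(attr)
        inop = 1; next
    }
    inop {                              # a value line inside an operation
        i = index($0, ":")
        name = tolower(substr($0, 1, i - 1)); val = substr($0, i + 1)
        if (name != attr) fail("value for " name " inside operation on " attr)
        if (name ~ /^olctls.*file$/ && val ~ /\/$/)
            fail(name " is a directory path, not a file")
    }
    END { exit bad + 0 }
    ' "$@"
}

# Constructed sample: a record with no separators and paths that stop at live/.
sample_unseparated() {
    cat <<'EOF'
dn: cn=config
changetype: modify
replace: olcTLSCACertificateFile
olcTLSCACertificateFile: /etc/letsencrypt/live/
replace: olcTLSCertificateKeyFile
olcTLSCertificateKeyFile: /etc/letsencrypt/live/
replace: olcTLSCertificateFile
olcTLSCertificateFile: /etc/letsencrypt/live/
EOF
}

# Demonstration on the constructed sample; a real run would pass olcSSL.ldif.
sample_unseparated | lint_ldif_modify || echo "fix the record before running ldapmodify"
```

Run it as `lint_ldif_modify olcSSL.ldif` and call ldapmodify only when it returns 0.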