Renew ldap ssl certificate
Jump to navigation
Jump to search
If you have your certs via letsencrypt you can use that file named olcSSL.ldif
dn: cn=config
changetype: modify
replace: olcTLSCACertificateFile
olcTLSCACertificateFile: /etc/letsencrypt/live/ldap.example.com/fullchain.pem
-
replace: olcTLSCertificateKeyFile
olcTLSCertificateKeyFile: /etc/letsencrypt/live/ldap.example.com/privkey.pem
-
replace: olcTLSCertificateFile
olcTLSCertificateFile: /etc/letsencrypt/live/ldap.example.com/cert.pem
To trigger that file run this
ldapmodify -Y EXTERNAL -H ldapi:/// -f olcSSL.ldif