I'm running SLES 12 SP1, and am trying to set up use of TLS on my LDAP server.

I've used YaST -> 'Security and Users' -> 'CA Management' to create create a CA called 'YaST_Default_CA', executed the 'Add Server Certificate' wizard to create a server certificate with the common name being the FQDN of the server. Using YaST, I have exported the CA certificate, the certificate and certificate key file as separate PEM-format files.

Now, in YaST -> 'Network Services' -> 'Authentication Server', I want to use this certificate in the LDAP server.

In 'Startup Configuration', I have enabled (in 'Protocol Listeners') both 'LDAP' and 'LDAP over SSL'.

In 'Global Settings' -> 'TLS Settings', in the 'Basic Settings' section, I have selected 'Enable TLS'. 'Enable LDAP over SSL (ldaps) interface' is also enabled. I browsed to three separate files containing the CA certificate file, the certificate file and the certificate key file. When I clicked on 'Ok', I got the popup message:

'Other (e.g., implementation specific) error:'

That's all that appeared in the error message popup. And I didn't see anything useful written in /var/log/messages.

This is clearly a bug to me (if only because the error message is outstandingly unuseful).

Beyond getting the error message fix and/or some useful information written to /var/log/messages, what can I do to triage this error, and move to a solution?


# cat /etc/os-release
PRETTY_NAME="SUSE Linux Enterprise Server 12 SP1"