Merge pull request #755 from yalh76/openldap-tls

[enh] Add OpenLDAP TLS support

data/hooks/conf_regen/06-slapd

@@ -76,6 +76,9 @@ do_post_regen() {
   sudo chown -R openldap:openldap /etc/ldap/schema/
   sudo chown -R openldap:openldap /etc/ldap/slapd.d/
 
+  # Add openldap user in the ssl-cert group to let it access the certificate for TLS
+  sudo usermod -aG ssl-cert openldap
+
   [ -z "$regen_conf_files" ] && exit 0
 
   # check the slapd config file at first

data/templates/slapd/slapd.conf

@@ -41,6 +41,10 @@ sizelimit 500
 # for indexing.
 tool-threads 1
 
+# TLS Support
+TLSCertificateFile /etc/ssl/private/yunohost_crt.pem
+TLSCertificateKeyFile /etc/ssl/private/yunohost_key.pem
+
 #######################################################################
 # Specific Backend Directives for mdb:
 # Backend specific directives apply to this backend until another