Issue 6349 - RFE - extract keys once (389ds#6363) (389ds#6394)

Bug Description: Keys/Certs are extracted to PEM repeatedly causing many warnings during outbound TLS authenticated replication Fix Description: After more testing, if the connection is dropped and restarted, the certpath is retrieved but re-extraction does not occur. This still triggers the warning however. To resolve this, we only warn about the tpm namespace during library initialisation. I really hope I got it right this time :( fixes: 389ds#6349 Author: William Brown <[email protected]> Review by: ???
Firstyear · Nov 21, 2024 · 9896218 · 9896218
1 parent 7478498
commit 9896218
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/ldap/servers/slapd/ssl.c b/ldap/servers/slapd/ssl.c
@@ -966,9 +966,12 @@ check_private_certdir()
 
     if (!tmp_private) {
         /* tmp is not a private name space */
-        slapi_log_err(SLAPI_LOG_WARNING, "Security Initialization",
+        if (_security_library_initialized != 0) {
+            /* only alert about this the first time around */
+            slapi_log_err(SLAPI_LOG_WARNING, "Security Initialization",
                 "%s is not a private namespace. pem files not exported there\n",
                 private_mountpoint);
+        }
         return NULL;
     }