Updating the document regarding LDAP options

Closes-bug: #1274581 Change-Id: I3e334b7290745f3e0cdaaf05b07e942929acff04
2016-09-29 15:27:34 +05:30 · 2016-09-29 15:27:34 +05:30 · ac04a51db2
parent 86483a7d1b
commit ac04a51db2
1 changed files with 7 additions and 0 deletions
--- a/doc/source/configuration.rst
+++ b/doc/source/configuration.rst
@ -1691,6 +1691,13 @@ tls_cacertdir is ignored. Furthermore, valid options for tls_req_cert are
 demand, never, and allow. These correspond to the standard options permitted by
 the TLS_REQCERT TLS option.

+.. NOTE::
+
+If unable to connect to LDAP via keystone (more specifically, if a
+*SERVER DOWN* error is seen), set the ``TLS_CACERT`` in ``/etc/ldap/ldap.conf``
+to the same value specified in the ``[ldap] tls_certificate`` section of
+``keystone.conf``.
+
 Read Only LDAP
 --------------