diff -uNr e-smith-ldap-5.2.0/root/etc/e-smith/db/configuration/defaults/ldap/TCPPort e-smith-ldap-5.2.0-nh-tls/root/etc/e-smith/db/configuration/defaults/ldap/TCPPort
--- e-smith-ldap-5.2.0/root/etc/e-smith/db/configuration/defaults/ldap/TCPPort	2005-07-27 23:26:55.000000000 +0200
+++ e-smith-ldap-5.2.0-nh-tls/root/etc/e-smith/db/configuration/defaults/ldap/TCPPort	1970-01-01 01:00:00.000000000 +0100
@@ -1 +0,0 @@
-389
diff -uNr e-smith-ldap-5.2.0/root/etc/e-smith/db/configuration/defaults/ldap/TCPPorts e-smith-ldap-5.2.0-nh-tls/root/etc/e-smith/db/configuration/defaults/ldap/TCPPorts
--- e-smith-ldap-5.2.0/root/etc/e-smith/db/configuration/defaults/ldap/TCPPorts	1970-01-01 01:00:00.000000000 +0100
+++ e-smith-ldap-5.2.0-nh-tls/root/etc/e-smith/db/configuration/defaults/ldap/TCPPorts	2010-01-21 17:30:08.451662573 +0100
@@ -0,0 +1 @@
+389,636
diff -uNr e-smith-ldap-5.2.0/root/etc/e-smith/templates/etc/openldap/slapd.conf/12tls e-smith-ldap-5.2.0-nh-tls/root/etc/e-smith/templates/etc/openldap/slapd.conf/12tls
--- e-smith-ldap-5.2.0/root/etc/e-smith/templates/etc/openldap/slapd.conf/12tls	1970-01-01 01:00:00.000000000 +0100
+++ e-smith-ldap-5.2.0-nh-tls/root/etc/e-smith/templates/etc/openldap/slapd.conf/12tls	2010-01-21 17:26:22.955826264 +0100
@@ -0,0 +1,7 @@
+
+TLSCipherSuite         HIGH:MEDIUM:+SSLv2
+TLSCACertificateFile   /var/service/ldap/ssl/slapd.pem
+TLSCertificateFile     /var/service/ldap/ssl/slapd.pem
+TLSCertificateKeyFile  /var/service/ldap/ssl/slapd.pem
+TLSVerifyClient        never
+
diff -uNr e-smith-ldap-5.2.0/root/var/service/ldap/control/1 e-smith-ldap-5.2.0-nh-tls/root/var/service/ldap/control/1
--- e-smith-ldap-5.2.0/root/var/service/ldap/control/1	1970-01-01 01:00:00.000000000 +0100
+++ e-smith-ldap-5.2.0-nh-tls/root/var/service/ldap/control/1	2010-01-21 17:26:22.955826264 +0100
@@ -0,0 +1,39 @@
+#!/usr/bin/perl -w
+
+#----------------------------------------------------------------------
+# copyright (C) 2005 Mitel Networks Corporation
+# 
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+# 		
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 		
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
+# 
+# Technical support for this program is available from Mitel Networks 
+# Please visit our web site www.mitel.com/sme/ for details.
+#----------------------------------------------------------------------
+
+use esmith::util;
+use esmith::ConfigDB;
+use File::Copy;
+
+my $c = esmith::ConfigDB->open_ro;
+my $s = $c->get('SystemName')->value;
+my $d = $c->get('DomainName')->value;
+
+my $pem = "./ssl/slapd.pem";
+# Now copy system pem file into jail used by ldap
+copy("/home/e-smith/ssl.pem/$s.$d.pem", "$pem.$$")
+  or die "failed to copy SSL PEM: $!";
+chmod 0640, "$pem.$$";
+esmith::util::chownFile("root", "ldap", "$pem.$$");
+rename("$pem.$$", "$pem")
+  or die "failed to rename $pem.$$ to $pem: $!";
diff -uNr e-smith-ldap-5.2.0/root/var/service/ldap/run e-smith-ldap-5.2.0-nh-tls/root/var/service/ldap/run
--- e-smith-ldap-5.2.0/root/var/service/ldap/run	2010-01-21 17:27:22.843343080 +0100
+++ e-smith-ldap-5.2.0-nh-tls/root/var/service/ldap/run	2010-01-21 17:27:54.172898066 +0100
@@ -3,6 +3,8 @@
 domain=$(/sbin/e-smith/config get DomainName)
 old_domain=$(readlink ldif)
 
+./control/1
+
 if [ -n "$old_domain" ]
 then
     old_domain=$(basename $old_domain | sed s/.ldif//)
@@ -50,4 +52,4 @@
 fi
 
 # Now run daemon
-exec /usr/sbin/slapd -4 -u ldap -d 0
+exec /usr/sbin/slapd -4 -u ldap -d 0 -h "ldap:/// ldaps:/// ldapi:///"