[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#3828) SSL Connection closed immediatly after "ClientHello"
On Tue, Mar 28, 2006 at 11:37:11PM +0000, xrgtn@yandex.ru wrote:
> If I run s_server in place of slapd, using _the same_
> cert/key pair, SSL handshake with s_client passes.
>
> Also, slapd works (surprise!!!) when I use RSA cert/key
> instead of DSA.
version of slapd:
> $ apt-show-versions -a -p slapd
> slapd 2.2.26-5 install ok installed
debug trace of slapd:
> TLS trace: SSL_accept:before/accept initialization
> tls_read: want=11, got=11
> 0000: 80 8c 01 03 01 00 63 00 00 00 20 ......c...
> tls_read: want=131, got=131
> 0000: 00 00 39 00 00 38 00 00 35 00 00 16 00 00 13 00 ..9..8..5.......
> 0010: 00 0a 07 00 c0 00 00 33 00 00 32 00 00 2f 03 00 .......3..2../..
> 0020: 80 00 00 66 00 00 05 00 00 04 01 00 80 08 00 80 ...f............
> 0030: 00 00 63 00 00 62 00 00 61 00 00 15 00 00 12 00 ..c..b..a.......
> 0040: 00 09 06 00 40 00 00 65 00 00 64 00 00 60 00 00 ....@..e..d..`..
> 0050: 14 00 00 11 00 00 08 00 00 06 04 00 80 00 00 03 ................
> 0060: 02 00 80 65 8d a5 47 d3 7b bf 04 61 11 4d b5 08 ...e..G.{..a.M..
> 0070: b2 18 7f 7f 69 db 71 ee 53 57 ac e0 2f 6d 8f 2b ....i.q.SW../m.+
> 0080: f5 7f 87 ...
> tls_write: want=7, written=7
> 0000: 15 03 01 00 02 02 28 ......(
> TLS trace: SSL3 alert write:fatal:handshake failure
> TLS trace: SSL_accept:error in SSLv3 read client hello B
> TLS trace: SSL_accept:error in SSLv3 read client hello B
> TLS: can't accept.
> TLS: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher s3_srvr.c:972