
TLS client certificate problem



I'm running openldap 2.0.3 under linux. The clients include
netscape messenger on the same linux box, and netscape and
outlook express under windows 2k.

All have been working and continue to work using plaintext
ldap on port 389. Under a previous version of openldap
(2.0.0), ldaps (tls) connection on port 636 also worked for
all these clients. Now, under 2.0.3, searching for a name
from the OE address book, I see these debug messages:

TLS trace: SSL_accept:SSLv3 write certificate A
TLS trace: SSL_accept:SSLv3 write server done A
tls_write: want=9, written=9
        16 03 01 00 04 0e 00 00 00
TLS trace: SSL_accept:SSLv3 flush data
tls_read: want=5 error=Resource temporarily unavailable
TLS trace: SSL_accept:error in SSLv3 read client certificate A
TLS trace: SSL_accept:error in SSLv3 read client certificate A
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: select: listen=7 active_threads=0 tvp=NULL

and OE reports that it can't connect.

The results are the same whether or not OE has a client
certificate. The other clients produce the same results.

If anyone finds this informative, I'd be interested in
learning what has stopped working.

--mvd

-- 
Michael V. David - MVD53 - michael@newearth.org - mvd@netaxs.com
WEB: http://www.netaxs.com/~mvd/mvd - http://www.newearth.org/~michael
IRC: irc.newearth.org#newearth - AIM: newearth7 - GPS: 40 07 53 N, 75 04 04 W
Quidquid latine dicitur, altum viditur.