[Date Prev][Date Next] [Chronological] [Thread] [Top]

SSL/TLS problem (unknown protocol)



I'm testing LDAP authentication and the client is getting the error:

nss_ldap: could not get LDAP result - Can't contact LDAP server

On the client, this is my ldap.conf config:

host shaka.gurulabs.com
base dc=gurulabs,dc=com
port 636
ssl start_tls

On the server I see:

connection_get(10): got connid=6
connection_read(10): checking for input on id=6
TLS trace: SSL_accept:before/accept initialization
TLS trace: SSL_accept:error in SSLv2/v3 read client hello A
TLS: can't accept.
TLS: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
/usr/1-5-release/src/lib/libssl/../../crypto/dist/openssl/ssl/s23_srvr.c:557
connection_read(10): TLS accept error error=-1 id=6, closing
connection_closing: readying conn=6 sd=10 for close
connection_close: conn=6 sd=10

When I test with openssl using this command on the client:

openssl s_client -connect shaka.gurulabs.com:636

I get this on the server:

connection_get(10): got connid=3
connection_read(10): checking for input on id=3
TLS trace: SSL_accept:before/accept initialization
TLS trace: SSL_accept:SSLv3 read client hello A
TLS trace: SSL_accept:SSLv3 write server hello A
TLS trace: SSL_accept:SSLv3 write certificate A
TLS trace: SSL_accept:SSLv3 write server done A
TLS trace: SSL_accept:SSLv3 flush data
TLS trace: SSL_accept:error in SSLv3 read client certificate A
TLS trace: SSL_accept:error in SSLv3 read client certificate A
connection_get(10): got connid=3
connection_read(10): checking for input on id=3
TLS trace: SSL_accept:SSLv3 read client key exchange A
TLS trace: SSL_accept:SSLv3 read finished A
TLS trace: SSL_accept:SSLv3 write change cipher spec A
TLS trace: SSL_accept:SSLv3 write finished A
TLS trace: SSL_accept:SSLv3 flush data

On the client I see the certificate and all the SSL info.  The CN is
resolvable via DNS.

Any hints here?

BTW, the server I'm running is OpenLDAP 2.0.11 on a Cobalt Qube 2 (mips)
running NetBSD 1.5.1.  The client is x86 Red Hat 7.1.

Dax