
ldapsearch TLS error



I'm using RH72. I'm getting the error "ldap_start_tls: connect error." From
the debug output (below) it seems TLS believes my FQDN is localhost. Using
the RH RPMs, 2.0.11 works fine, but when upgrading the RPMs to 2.0.21 on a
clean install and then configuring the machine, this springs up. I've
created a certificate, and pointed slapd.conf to it. Can anyone direct me to
what other file(s) would control this? I've tried searching the RH website,
OpenLDAP website, OpenSSL website, and Google, and I've found information,
but I haven't found any fixes.

Thanks  --  John

ldapsearch -H ldap:///  -p 389 -x -b "" -s base -d 127 -LLL -ZZ supportedSASLMechanisms

//snip// domain name changed to protect the innocent

TLS trace: SSL_connect:SSLv3 read server done A
TLS trace: SSL_connect:SSLv3 write client key exchange A
TLS trace: SSL_connect:SSLv3 write change cipher spec A
TLS trace: SSL_connect:SSLv3 write finished A
tls_write: want=190, written=190
TLS trace: SSL_connect:SSLv3 flush data
tls_read: want=5, got=5
  0000:  14 03 01 00 01                                     .....
tls_read: want=1, got=1
  0000:  01                                                 .
tls_read: want=5, got=5
  0000:  16 03 01 00 28                                     ....(
tls_read: want=40, got=40
  0000:  2c fc 31 74 76 31 2f c5  c0 24 27 94 43 1e c5 49   ,.1tv1/..$'.C..I
  0010:  f0 d9 06 fe 5a 39 a0 2f  4a 7b 49 d0 14 fc 4a a7   ....Z9./J{I...J.
  0020:  5f 3d 42 83 5b f0 8e 16                            _=B.[...
TLS trace: SSL_connect:SSLv3 read finished A
TLS: hostname (localhost) does not match common name in certificate (blah.blah.com.).
ldap_perror
ldap_start_tls: Connect error