
TLS/openldap 2.1.2



Ok, I have followed Turbo's guide to the T for openldap v3. I have gotten sasl
working with gssapi support and all. However, I am having a tough time getting
the ssl stuff to work.

Here is the server 

connection_get(13): got connid=0
connection_read(13): checking for input on id=0
TLS trace: SSL_accept:before/accept initialization
TLS trace: SSL_accept:SSLv3 read client hello A
TLS trace: SSL_accept:SSLv3 write server hello A
TLS trace: SSL_accept:SSLv3 write certificate A
TLS trace: SSL_accept:SSLv3 write server done A
TLS trace: SSL_accept:SSLv3 flush data
TLS trace: SSL_accept:error in SSLv3 read client certificate A
TLS trace: SSL_accept:error in SSLv3 read client certificate A
connection_get(13): got connid=0
connection_read(13): checking for input on id=0
TLS trace: SSL3 alert read:fatal:unknown
TLS trace: SSL_accept:failed in SSLv3 read client certificate A
TLS: can't accept.
TLS: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca s3_pkt.c:964
connection_read(13): TLS accept error error=-1 id=0, closing
connection_closing: readying conn=0 sd=13 for close
connection_close: conn=0 sd=13

This is what I am running,

ldapsearch -H ldaps://ringleader.csic.cs.umd.edu/ -x -b "" -s base -LLL supportedSASLMechanisms

I have added the SSL cert as Turbo has in his document and have added
the correct lines to the slapd.conf file. I made sure that the CN was what I stated
above, ringleader.csic.cs.umd.edu.

Anyone have any insight?

-- 
---
Derek T. Yarnell
University of Maryland
Computer Science Department Unix Staff
derek@cs.umd.edu
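
Added example, not part of the original post: a small decoder for the two alert lines in the server trace above. It assumes the packed error-code layout used by OpenSSL releases before 3.0 (8 bits library, 12 bits function, 12 bits reason); the function and variable names are made up for this illustration.

```python
import re

# TLS alert descriptions related to certificate validation (RFC 2246 / RFC 5246).
CERT_ALERTS = {
    42: "bad_certificate",
    43: "unsupported_certificate",
    44: "certificate_revoked",
    45: "certificate_expired",
    46: "certificate_unknown",
    48: "unknown_ca",
}
SSL_AD_REASON_OFFSET = 1000  # OpenSSL adds this to an alert number received from the peer
ERR_LIB_SSL = 20             # library number of "SSL routines"

ERR_RE = re.compile(r"error:([0-9A-Fa-f]{8}):")
ALERT_DIR_RE = re.compile(r"SSL3 alert (read|write):(\w+):")

def decode_openssl_error(code_hex):
    """Split a pre-3.0 OpenSSL packed error code into (lib, func, reason)."""
    e = int(code_hex, 16)
    return (e >> 24) & 0xFF, (e >> 12) & 0xFFF, e & 0xFFF

def diagnose(log_text):
    """Return which side sent the TLS alert and which alert it was."""
    result = {"direction": None, "sender": None, "alert": None}
    m = ALERT_DIR_RE.search(log_text)
    if m:
        result["direction"] = m.group(1)
        # "read" = the alert arrived from the peer; "write" = this side sent it.
        result["sender"] = "peer" if m.group(1) == "read" else "local"
    m = ERR_RE.search(log_text)
    if m:
        lib, _func, reason = decode_openssl_error(m.group(1))
        if lib == ERR_LIB_SSL and reason > SSL_AD_REASON_OFFSET:
            num = reason - SSL_AD_REASON_OFFSET
            result["alert"] = (num, CERT_ALERTS.get(num, "other"))
    return result

# The two relevant lines copied from the server trace in the post.
SAMPLE = """TLS trace: SSL3 alert read:fatal:unknown
TLS: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca s3_pkt.c:964
"""

if __name__ == "__main__":
    print(diagnose(SAMPLE))
```

Because slapd logged the alert as "read", it was sent by the ldapsearch client: alert 48 (unknown_ca) means the client could not match the issuer of the server certificate to a CA it trusts.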