[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Errors in clients moving from 2.0.X to 2.1.X

Please read this FAQ http://www.openldap.org/faq/index.cgi?file=185

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support 

> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Mathias
> Meisfjordskar
> Sent: Monday, August 26, 2002 8:32 AM
> To: openldap-software@OpenLDAP.org
> Subject: Errors in clients moving from 2.0.X to 2.1.X
> 
> 
> 
> Hello all!
> 
> I have some problems using the latest clients from OpenLDAP
> 2.1.{2,3}. When binding as a user I get;
> 
> 2.1.2/bin/ldapsearch -x -ZZ -D "uid=user,dc=domain,dc=no" \
> -h server.domain.no -b "dc=domain,dc=no" -s one -v -W 
> 
> ldap_init( server.domain.no, 0 )
> ldap_start_tls: Connect error (91)
>         additional info: error:14090086:SSL 
> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
> 
> Using 2.0.{23,24,25}(same parameters) everything works perfectly. I
> have checked my certificates, and they seem ok.
> 
> Errors in debug from slapd(-1):
>   03c0:  92 9b 1d 8f 74 90 cc bc  fb 61 78 aa b9 f7 b5 81   
> ....t....ax.....  
>   03d0:  80 c2 ed 41 2c df 4d 85  36 ab 8a 8b da b9 55 99   
> ...A,.M.6.....U.  
>   03e0:  da f6 ee 3a c3 16 03 01  00 04 0e 00 00 00         
> ...:..........    
> TLS trace: SSL_accept:SSLv3 flush data
> tls_read: want=5 error=Resource temporarily unavailable
> TLS trace: SSL_accept:error in SSLv3 read client certificate A
> TLS trace: SSL_accept:error in SSLv3 read client certificate A
> daemon: select: listen=6 active_threads=0 tvp=NULL
> daemon: select: listen=7 active_threads=0 tvp=NULL
> daemon: activity on 1 descriptors
> daemon: activity on: 10r
> daemon: read activity on 10
> connection_get(10)
> connection_get(10): got connid=4
> connection_read(10): checking for input on id=4
> tls_read: want=5, got=5
> 
> No such error using 2.0.X clients. Same error using Mac OS X(10.2)
> authentication. What is this "error in SSLv3 read client certificate
> A" and "tls_read: want=5 error=Resource temporarily unavailable"?
> 
> Hope you can help me.
> 
> 
> Regards,
> -- 
> Mathias Meisfjordskar
> 
> GNU/Linux addict.
> Debian - What your mom would use if it were twenty times easier.
> 
>