[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAP TLS/SSL Security problem

To: sworden@focal.com
Subject: Re: LDAP TLS/SSL Security problem
From: Kirk Turner-Rustin <ktrustin@owu.edu>
Date: Wed, 30 Jun 2004 10:57:34 -0400 (EDT)
Cc: Openldap list <openldap-software@OpenLDAP.org>, owner-openldap-software@OpenLDAP.org
In-reply-to: <OF6881C8F0.6B626684-ON86256EC3.004DD286@focal.com>
References: <OF6881C8F0.6B626684-ON86256EC3.004DD286@focal.com>

On Wed, 30 Jun 2004 sworden@focal.com wrote:

> Slapd debug error messages when a client tries to login:
>
> connection_get(10): got connid=6
> connection_read(10): checking for input on id=6
> TLS trace: SSL_accept:before/accept initialization
> TLS trace: SSL_accept:error in SSLv2/v3 read client hello A
> TLS: can't accept.
> TLS: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
> s23_srvr.c:585

Is the client in question trying to StartTLS on an already encrypted
channel (port 636, ldaps:///)?

Can you replicate the problem using ldapsearch? If so, would you
post your ldapsearch command line?

-- 
Kirk Turner-Rustin
Programmer/Analyst
Libraries and Information Services
Ohio Wesleyan University
http://www.owu.edu

References:
- Re: LDAP TLS/SSL Security problem
  - From: sworden@focal.com

Prev by Date: Re: LDAP TLS/SSL Security problem
Next by Date: Re: LDAP TLS/SSL Security problem
Index(es):
- Chronological
- Thread