
How to use SSL only, not TLS?



Some LDAP clients do not support TLS, but do support SSL.
Then I edited slapd.conf and changed all "TLS" lines to #TLS, like:

#TLSCACertificateFile server.pem
#TLSCertificateFile server.pem
#TLSCertificateKeyFile server.pem 

and ran slapd -d 256 -h "ldaps://0.0.0.0/" -f /path/to/slapd.conf.
Then I ran the dis-tls client.
slapd reports an error:

conn=11 fd=10 accept from ip=127.0.0.1:57203(ip=0.0.0.0:636)
TLS:can't accept.
TLS:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca s3_pkt.c:1052
conn=11 fd=10 closed

The client can't connect to the LDAP server.
Now I want to know how to do server-side SSL only, not TLS?
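
An added example, not part of the original post: a decoder for the packed OpenSSL error code in the slapd log quoted above, showing which TLS alert the code carries. It assumes the OpenSSL 1.0.x error layout (8-bit library, 12-bit function, 12-bit reason); the function names `decode_openssl_error` and `diagnose` are hypothetical.

```python
import re

# Assumption: OpenSSL 1.0.x packing, lib (8 bits) | func (12 bits) | reason (12 bits).
ERR_LIB_SSL = 0x14
# In the SSL library, reason codes >= 1000 are an alert number plus 1000,
# recorded when an alert record is read from the peer.
SSL_AD_REASON_OFFSET = 1000

# Alert descriptions from RFC 5246 section 7.2 (subset useful for handshake triage).
TLS_ALERTS = {
    40: "handshake_failure", 42: "bad_certificate", 43: "unsupported_certificate",
    44: "certificate_revoked", 45: "certificate_expired", 46: "certificate_unknown",
    48: "unknown_ca", 70: "protocol_version",
}

ERR_RE = re.compile(r"error:([0-9A-Fa-f]{8}):([^:]*):([^:]*):(.*)")

def decode_openssl_error(line):
    """Return the decoded fields of an OpenSSL error in a log line, or None."""
    m = ERR_RE.search(line)
    if not m:
        return None
    code = int(m.group(1), 16)
    info = {"lib": code >> 24, "func": (code >> 12) & 0xFFF, "reason": code & 0xFFF,
            "func_name": m.group(3), "alert": None, "alert_name": None}
    if info["lib"] == ERR_LIB_SSL and info["reason"] >= SSL_AD_REASON_OFFSET:
        info["alert"] = info["reason"] - SSL_AD_REASON_OFFSET
        info["alert_name"] = TLS_ALERTS.get(info["alert"], "unlisted")
    return info

# The slapd log lines quoted in the post.
SAMPLE_LOG = """\
conn=11 fd=10 accept from ip=127.0.0.1:57203(ip=0.0.0.0:636)
TLS:can't accept.
TLS:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca s3_pkt.c:1052
conn=11 fd=10 closed
"""

def diagnose(log):
    """Decode every OpenSSL error line found in a slapd log excerpt."""
    return [d for d in map(decode_openssl_error, log.splitlines()) if d]

if __name__ == "__main__":
    for d in diagnose(SAMPLE_LOG):
        print(d)
```

For the quoted log this yields alert 48, unknown_ca, which is the alert a peer sends when it cannot link the presented certificate chain to a CA it trusts.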