[Date Prev][Date Next] [Chronological] [Thread] [Top]

AW: (ITS#3828) SSL Connection closed immediatly after "ClientHello"


as far as I remember, letting slapd run WITHOUT the -u and -g options solved the issue as a workaround. For the longer term we updated to a later version of slapd (2.2.24) and the problem was gone. 

I hope this helps, 
Robert Heinzmann

> -----Ursprüngliche Nachricht-----
> Von: Alexander Gattin [mailto:xrgtn@yandex.ru] 
> Gesendet: Mittwoch, 29. März 2006 01:37
> An: openldap-its@OpenLDAP.org
> Cc: Heinzmann, Robert
> Betreff: Re: (ITS#3828) SSL Connection closed immediatly 
> after "ClientHello"
> Hi!
> I see the very similr problem using Debian's slapd/testing, 
> and 2k bit-wide DSA cert/key pair.
> I used different tools for debugging this problem, and it 
> appears to be a bug in SSL handling in slapd code, don't know 
> yet whether Debian or upstream is guilty.
> The problem is the same as yours, SSL handshake fails, with 
> slapd talking about "no shared ciphers".
> If I run s_server in place of slapd, using _the same_ 
> cert/key pair, SSL handshake with s_client passes.
> Also, slapd works (surprise!!!) when I use RSA cert/key 
> instead of DSA.
> Do you have any clue?
> --
> WBR,
> xrgtn