[Date Prev][Date Next]
AW: (ITS#3828) SSL Connection closed immediatly after "ClientHello"
as far as I remember, letting slapd run WITHOUT the -u and -g options solved the issue as a workaround. For the longer term we updated to a later version of slapd (2.2.24) and the problem was gone.
I hope this helps,
> -----Ursprüngliche Nachricht-----
> Von: Alexander Gattin [mailto:firstname.lastname@example.org]
> Gesendet: Mittwoch, 29. März 2006 01:37
> An: openldap-its@OpenLDAP.org
> Cc: Heinzmann, Robert
> Betreff: Re: (ITS#3828) SSL Connection closed immediatly
> after "ClientHello"
> I see the very similr problem using Debian's slapd/testing,
> and 2k bit-wide DSA cert/key pair.
> I used different tools for debugging this problem, and it
> appears to be a bug in SSL handling in slapd code, don't know
> yet whether Debian or upstream is guilty.
> The problem is the same as yours, SSL handshake fails, with
> slapd talking about "no shared ciphers".
> If I run s_server in place of slapd, using _the same_
> cert/key pair, SSL handshake with s_client passes.
> Also, slapd works (surprise!!!) when I use RSA cert/key
> instead of DSA.
> Do you have any clue?