(ITS#5749) client didn't send its own certificate to the server
Full_Name: Gabor Mayer
Submission from: (NULL) (220.127.116.11)
I discovered it when I turned on the peer verification at the server side.
I'm using the following configuration at the client side:
I tried TLS_CERT & TLS_KEY in ldap.conf and in .ldaprc without success.
I tested it with ldapsearch -x and I got the following debug message at the server
if TLSVerifyClient was turned on:
TLS trace: SSL3 alert write:fatal:handshake failure
TLS trace: SSL_accept:error in SSLv3 read client certificate B
TLS: can't accept.
TLS: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate s3_srvr.c:2455
I captured the TCP flow at the client side and I saw the server's certificate only.
The client didn't send its own certificate to the server!