
(ITS#7792) slapd problems - ldap_result: Can't contact LDAP server (-1) result.c:813



Full_Name: Warron French
Version: 2.4.38 LTB Project
OS: CentOS-6.5
URL: 
Submission from: (NULL) (130.221.145.5)


LTB-Project.org or OpenLDAP.org developers, please help:

I am running CentOS-6.5 (on all machines in my little lab) and attempting to
set up an LDAP server for user-account authentication, which requires TLS.  My
CentOS-6.5 machines are all running kernel 2.6.32-431.3.1.el6.x86_64.  Also, the
version of OpenLDAP I am running based on a suggestion from a user is
LTB-Project.org's OpenLDAP-2.4.38, because the version that came natively
available with CentOS-6.5's repos was a very old 2.4.23.

I am writing a document in order to successfully repeat the build/configuration
steps from my lab and lessons learned into a production system.

The following is where I am...

I am still having problems with adding (via .ldif file) the following LDIF file
contents of /tmp/LDAP-CONFIG-TLS.ldif:
dn:			cn=config
changetype:		modify
add:			olcTLSCipherSuite
olcTLSCipherSuite:	TLSv1+RSA:\!EXP:\!MD5:\!NULL
(<- not sure if that argument is valid for that CipherSuite selection either)


I use the following ldapmodify command:
ldapmodify    -x     -D "cn=admin,cn=config" -W  -f /tmp/LDAP-CONFIG-TLS.ldif


Because I have debugging turned up (to -d 32768), the results now look like:
modifying entry "cn=config"
52e68423 connection_input:  conn=1000 deferring operation: binding
slapd: result.c:813:  slap_send_ldap_result: Assertion `!((rs->sr_err)<0)'
failed.
ldap_result:  Can't contact LDAP server  (-1)

I saw a thread on openldap.org at the following link,
http://www.openldap.org/lists/openldap-bugs/201308/msg00066.html , that has the
exact same error.  I can see that Howard Chu from Symas fixed the problem for
Symas; did LTB Project fix this problem?  I cannot find any threads via
web search for this issue.

My /var/log/openldap.log file does not show anything extra.  In fact, a tail of
the log file doesn't even show any errors really.

What do I need to do in order to get my LDAP running with TLS?

Thank you for any help, I am losing my sanity.