[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#8658) Can't change olcTLSCipherSuite

To: openldap-its@OpenLDAP.org
Subject: (ITS#8658) Can't change olcTLSCipherSuite
From: slonvpalto@gmail.com
Date: Wed, 17 May 2017 08:24:40 +0000
Auto-submitted: auto-generated (OpenLDAP-ITS)

Full_Name: Oleg Pekar
Version: 2.4.31
OS: Ubuntu 14.04
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (2001:420:4482:1252:a136:e35f:4494:428b)


When I try to change olcTLSCipherSuite in LDAP configuration I get the following
error:

root@LDAP-server:/oleg# ldapmodify -Y EXTERNAL -H ldapi:/// -d 1 -f cipher
ldap_url_parse_ext(ldapi:///)
ldap_create
ldap_url_parse_ext(ldapi:///??base)
ldap_sasl_interactive_bind: user selected: EXTERNAL
ldap_int_sasl_bind: EXTERNAL
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_path
ldap_new_socket: 4
ldap_connect_to_path: Trying /var/run/slapd/ldapi
ldap_connect_timeout: fd: 4 tm: -1 async: 0
ldap_ndelay_on: 4
ldap_close_socket: 4
ldap_msgfree
ldap_err2string
ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)



File "cipher" used for update in the command above:
dn: cn=config
changetype: modify
replace: olcTLSCipherSuite
olcTLSCipherSuite: AES128-SHA


The server is indicated as running:
root@LDAP-server:/oleg# service slapd status
 * slapd is running

Therefore I cannot change the cipher that is used by secure LDAP. 

Thanks
Oleg

Prev by Date: Re: (ITS#8654) Option for LDAP client to bind to a local address.
Next by Date: Re: (ITS#8658) Can't change olcTLSCipherSuite
Index(es):
- Chronological
- Thread