[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re:Re: (ITS#8924) Installed openldap2.4.46 and openssl1.1.1, the client and server still used TLS1.2 to negotiated
- To: openldap-its@OpenLDAP.org
- Subject: Re:Re: (ITS#8924) Installed openldap2.4.46 and openssl1.1.1, the client and server still used TLS1.2 to negotiated
- From: quanah@symas.com
- Date: Wed, 17 Oct 2018 17:29:05 +0000
- Auto-submitted: auto-generated (OpenLDAP-ITS)
--On Sunday, October 14, 2018 10:03 PM +0800 =E8=8E=AB=E4=BA=9A=E7=94=B7 =
<nanmor@126.com>=20
wrote:
> Run ' ldd /usr/local/openldap.2.4.46/bin/ldapsearch' in Redhat, result:
> linux-vdso.so.1 =3D> (0x00007ffd959d6000)
> libsasl2.so.3 =3D> /lib64/libsasl2.so.3 (0x00007fae80012000)
> libssl.so.10 =3D> /lib64/libssl.so.10 (0x00007fae7fd9f000)
> libcrypto.so.10 =3D> /lib64/libcrypto.so.10
Your Redhat build is linked to the system OpenSSL 1.0.2k release. This=20
clearly won't support TLS 1.3.
lrwxrwxrwx 1 root root 16 Jun 19 14:00 libssl.so.10 -> libssl.so.1.0.2k
Closing this ITS as invalid. I suggest fixing your build process on your=20
RedHat box to link to the correct OpenSSL build. It appears you have the=20
RH openssl development package installed, which is why you're encountering=20
various issues. However, none of this is related to OpenLDAP itself, which =
as I've already noted, behaves correctly when all sides (client & server)=20
are linked to OpenSSL 1.1.1.
--Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>