[Date Prev][Date Next]
[Fwd: TLS and slurpd]
I'm moving this over the openldap-devel as this
is becoming more of an "TLS support in the OpenLDAP
Since my last post, I have reviewed the slurpd code in HEAD
which does not seemed to have changed much. I noted a
few changes in libldap/tls.c, but nothing that addressed by
Can anyone help give me a push in the right direction.
I know this works, but for some reason, a server with
a seemingly identical setup as a working one will not
use TLS for replication.
Gerald Carter wrote:
> Gerald Carter wrote:
> > > I've read several postings late last year about problems
> > > using slurpd with the tls=[yes|critical] option on replicas.
> > > I keep getting a
> > >
> > > TLS: could not allocate default ctx
> > >
> > > error in the slurpd log and the connection replication fails.
> > > Is this supposed to be working in 2.0.7? I'll keep looking
> > > through the code, but I wanted to run this quick question
> > > by everyone.
> > More information after adding some debug messages....
> > TLS: could not allocate default ctx.
> > error:140A90A1:SSL routines:SSL_CTX_new:library has no ciphers
> > Now this is strange since the StartTLS command for
> > the client tools works when querying slapd.
> After much reading on the OpenSSL API, I decided to start
> fresh with a clean OpenLDAP 2.0.7 install (including
> OpenSSL 0.9.6, Cyrus SASL 1.5.24, & Berkeley DB 3.1.17
> all compiled from source). I started a fresh RedHat 6.2
> install in a VM Ware session and set it up as
> replica. All works fine...including replication
> using the StartTLS extended command. Interesting....
> I need to find out what is making my other install fail.
> Just an update for those who are curious.
/\ Gerald (Jerry) Carter Professional Services
\/ http://www.valinux.com/ VA Linux Systems firstname.lastname@example.org
http://www.samba.org/ SAMBA Team email@example.com
"...a hundred billion castaways looking for a home."
- Sting "Message in a Bottle" ( 1979 )