
Re: Problem with connecting to ldaps



At 01:53 AM 6/6/2001, Grzegorz Filip wrote:
>Hi
>I'm using OpenLDAP 2.0.11 with OpenSSL 0.9.6. I'm running slapd with the following options:
>slapd -f slapd.conf -d1 -h "ldap:/// ldaps:///"
>when I'm trying to search
>ldapsearch -H ldaps:/// -x -b"" objectclass=*
>I get message "can't contact LDAP server"
>What could have caused that problem?

Certificate checks.  The name used by the client to locate
the server needs to be the name in the certificate returned
by the server.


> 
>here is what slapd prints
> 
>daemon_init: listen on ldap:///
>daemon_init: listen on ldaps:///
>daemon_init: 2 listeners to open...
>ldap_url_parse_ext(ldap:///)
>daemon: socket() failed errno=22 (Invalid argument)
>daemon: initialized ldap:///
>ldap_url_parse_ext(ldaps:///)
>daemon: socket() failed errno=22 (Invalid argument)
>daemon: initialized ldaps:///
>daemon_init: 2 listeners opened
>slapd init: initiated server.
>slap_sasl_init: initialized!
>oc_check_allowed type "member"
>oc_check_allowed type "member"
>oc_check_allowed type "member"
>oc_check_allowed type "member"
>oc_check_allowed type "member"
>oc_check_allowed type "member"
>slapd startup: initiated.
>slapd starting
>ldap_pvt_gethostbyname_a: host=cpiz_0, r=0
>connection_get(10): got connid=0
>connection_read(10): checking for input on id=0
>TLS trace: SSL_accept:before/accept initialization
>TLS trace: SSL_accept:SSLv3 read client hello A
>TLS trace: SSL_accept:SSLv3 write server hello A
>TLS trace: SSL_accept:SSLv3 write certificate A
>TLS trace: SSL_accept:SSLv3 write server done A
>TLS trace: SSL_accept:SSLv3 flush data
>TLS trace: SSL_accept:error in SSLv3 read client certificate A
>TLS trace: SSL_accept:error in SSLv3 read client certificate A
>connection_get(10): got connid=0
>connection_read(10): checking for input on id=0
>TLS trace: SSL_accept:SSLv3 read client key exchange A
>TLS trace: SSL_accept:SSLv3 read finished A
>TLS trace: SSL_accept:SSLv3 write change cipher spec A
>TLS trace: SSL_accept:SSLv3 write finished A
>TLS trace: SSL_accept:SSLv3 flush data
>connection_get(10): got connid=0
>connection_read(10): checking for input on id=0
>ber_get_next
>ber_get_next on fd 10 failed errno=0 (Success)
>connection_read(10): input error=-2 id=0, closing.
>connection_closing: readying conn=0 sd=10 for close
>connection_close: conn=0 sd=10
>TLS trace: SSL3 alert write:warning:close notify
> 
>
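
The name check described in the reply, as an added Python sketch that is not part of the original message and not OpenLDAP's own code. It assumes that a URI with an empty host (`ldaps:///`) makes the client fall back to a default reference name (here `localhost`), and that dNSName entries take precedence over the subject CN; the certificate names are constructed sample values.

```python
from urllib.parse import urlsplit

# Constructed sample: names a server certificate might carry (not from the post).
SAMPLE_CERT = {"cn": "ldap.example.com", "dns": []}


def client_reference_name(uri, default_host="localhost"):
    """Name the client compares against the certificate.

    Assumption: a URI with an empty host (ldaps:///) falls back to default_host.
    """
    parts = urlsplit(uri)
    if parts.scheme not in ("ldap", "ldaps"):
        raise ValueError("not an LDAP URI: %r" % uri)
    return (parts.hostname or default_host).lower()


def name_matches(pattern, host):
    """Case-insensitive comparison; '*' may only replace the whole left-most label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*" and len(p) >= 3:  # conservative: no '*.com'-style matches
        return p[1:] == h[1:]
    return p == h


def check(uri, cert):
    """Return (reference_name, matched) for a URI and a certificate's names."""
    ref = client_reference_name(uri)
    # dNSName entries take precedence; the subject CN is used only without them.
    candidates = cert.get("dns") or [cert["cn"]]
    return ref, any(name_matches(c, ref) for c in candidates)


if __name__ == "__main__":
    for uri in ("ldaps:///", "ldaps://ldap.example.com/"):
        ref, ok = check(uri, SAMPLE_CERT)
        print("%-28s checks %-18s -> %s" % (uri, ref, "match" if ok else "MISMATCH"))
```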