[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: LDAP and TLS

To: <Geert.Van.Muylem@SKYNET.BE>
Subject: RE: LDAP and TLS
From: "Howard Chu" <hyc@highlandsun.com>
Date: Sat, 1 Sep 2001 23:44:40 -0700
Cc: "LDAP Mailing List" <openldap-software@OpenLDAP.org>
Importance: Normal
In-reply-to: <5.1.0.14.0.20010901214340.019e7480@127.0.0.1>

> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Kurt D.
> Zeilenga

> At 12:07 PM 2001-08-31, Geert Van Muylem wrote:
> >TLS trace: SSL_accept:error in SSLv3 read client certificate A
> >TLS trace: SSL_accept:error in SSLv3 read client certificate A
>
> Somebody with more OpenSSL internals experience will have
> to explain these.  Obviously they are benign messages in
> this case.

Yes, this is a case of the server trying to read the certificate before it
has fully arrived. The SSL code just retries automatically until it has read
the complete cert. This happens quite a lot; the certs tend to be relatively
large and take multiple packets to transmit. There is no problem here.

References:
- Re: LDAP and TLS
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: RFC 2251 Root DSE non-standard
Next by Date: RE: RFC 2251 Root DSE non-standard
Index(es):
- Chronological
- Thread