
TLS client side authentication problem with OpenLDAP



Hi Peter,

I don't know if you have already solved your problem about the LDAP TLS server authentication. I have the same error:

>> After executing the command line : openssl s_client -connect pcformation6.loria.fr:636 -state -CAfile cacert.pem -cert ldap.client.pem -key ldap.client.key.pem.
>> I receive the error message from the client side:


CONNECTED(00000003)
SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL3 alert read:fatal:handshake failure
SSL_connect:error in SSLv2/v3 read server hello A
2915:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:455:


>>And from the server side something like:

TLS trace: SSL3 alert write:fatal:handshake failure
TLS trace: SSL_accept:error in SSLv3 read client hello B
TLS trace: SSL_accept:error in SSLv3 read client hello B
TLS: can't accept.
TLS: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher s3_srvr.c:881



I think it means that the server can't support the client cipher spec, but I am not really sure.


Any help would be welcome.
Thanks in advance

--
CHE
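
Added example, not part of the original post: a small decoder for the two OpenSSL error lines quoted above, showing which side raised the error and which side only relayed an alert. It assumes the packed error-code layout OpenSSL used before 3.0 (8-bit library, 12-bit function, 12-bit reason); the names decode, triage, LINE_RE and ALERT_NAMES are made up for this example.

```python
import re

# OpenSSL before 3.0 packs an error code as lib (8 bits) | func (12 bits) | reason (12 bits).
ERR_LIB_SSL = 20
SSL_AD_REASON_OFFSET = 1000   # SSL reasons >= 1000 mirror an alert sent by the peer
ALERT_NAMES = {40: "handshake_failure"}   # only the alert that appears in this thread

# Matches both layouts in the post: "...:reason:file.c:NNN:" and "...:reason file.c:NNN".
LINE_RE = re.compile(
    r"error:(?P<code>[0-9A-Fa-f]{8}):(?P<lib>[^:]+):(?P<func>[^:]+):"
    r"(?P<reason>.+?)[: ](?P<file>[\w.]+\.c):(?P<line>\d+)"
)

def decode(code_hex):
    """Split a packed error code into (lib, func, reason) numbers."""
    e = int(code_hex, 16)
    return (e >> 24) & 0xFF, (e >> 12) & 0xFFF, e & 0xFFF

def triage(log_line):
    """Return a dict describing the error, or None if the line has no error code."""
    m = LINE_RE.search(log_line)
    if m is None:
        return None
    lib, func, reason = decode(m["code"])
    rec = {"lib": lib, "func": func, "reason": reason,
           "reason_text": m["reason"], "where": f'{m["file"]}:{m["line"]}'}
    if lib == ERR_LIB_SSL and reason >= SSL_AD_REASON_OFFSET:
        # The local stack is only reporting an alert it received from the other side.
        alert = reason - SSL_AD_REASON_OFFSET
        rec["origin"] = "peer"
        rec["alert"] = ALERT_NAMES.get(alert, str(alert))
    else:
        # The error was generated locally, so this side's log names the actual cause.
        rec["origin"] = "local"
    return rec

# The two error lines quoted in the post above.
CLIENT_LINE = ("2915:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:"
               "sslv3 alert handshake failure:s23_clnt.c:455:")
SERVER_LINE = ("TLS: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:"
               "no shared cipher s3_srvr.c:881")

if __name__ == "__main__":
    for name, line in (("client", CLIENT_LINE), ("server", SERVER_LINE)):
        print(name, triage(line))
```

The client line decodes to a relayed alert 40 (origin "peer"), while the server line decodes to a locally raised reason 193, "no shared cipher", so the server-side log is the one that names the cause.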