[Date Prev][Date Next] [Chronological] [Thread] [Top]

TLS client side authentication problem with OpenLDAP

Hi peter,

I dont know if you have already solved your problem about the LDAP TLS sever authentication. I have the same error:

>> After executing the command line : openssl s_client -connect pcformation6.loria.fr:636 -state -CAfile cacert.pem -cert ldap.client.pem -key ldap.client.key.pem.
>> I receive the error message from the client side:

SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL3 alert read:fatal:handshake failure
SSL_connect:error in SSLv2/v3 read server hello A
2915:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:455:

>>And from the server side something like:

TLS trace: SSL3 alert write:fatal:handshake failure
TLS trace: SSL_accept:error in SSLv3 read client hello B
TLS trace: SSL_accept:error in SSLv3 read client hello B
TLS: can't accept.
TLS: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher s3_srvr.c:881

I think it means that server cant support the client cipher spec but I am not really sure.

Any help would be welcome.
thanks in advance