
openldap ssl



Hi, I'm trying to configure SSL on my OpenLDAP
but I get some errors:

[...]
TLS trace: SSL_accept:before/accept initialization
tls_read: want=11, got=11
  0000:  30 29 02 01 01 60 24 02  01 03 04                  0)...`$....
TLS trace: SSL_accept:error in SSLv2/v3 read client hello A
TLS: can't accept.
TLS: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
s23_srvr.c:641
connection_read(10): TLS accept error error=-1 id=2, closing
connection_closing: readying conn=2 sd=10 for close
connection_close: conn=2 sd=10
daemon: removing 10
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: select: listen=7 active_threads=0 tvp=NULL
daemon: activity on 1 descriptors
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: select: listen=7 active_threads=0 tvp=NULL


I made the certificate:

CA.sh -newca
openssl req -new -nodes -keyout newreq.pem -out newreq.pem
CA.sh -sign

(The common name is the server's IP)

cp cacert.pem /etc/ssl/demoCA/cacert.pem
mv newcert.pem /etc/ssl/servercrt.pem
mv newreq.pem /etc/ssl/serverkey.pem

My slapd.conf:
[..]
TLSCACertificateFile /etc/ssl/demoCA/cacert.pem
TLSCertificateFile /etc/ssl/servercrt.pem
TLSCertificateKeyFile /etc/ssl/serverkey.pem
[..]

My ldap.conf:
[..]
TLS_CACERT /etc/ssl/demoCA/cacert.pem
[...]

Can anyone help me, please?

Thanks!
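
The 11 bytes in the tls_read hex dump above can be decoded to see what the client actually sent on the connection. The following is an added example, not part of the original post: it labels the opening bytes of a connection as a TLS record, an SSLv2 hello, or a plaintext LDAP message (the function names are illustrative).

```python
# Added example: classify the first bytes a TLS listener received.
# SAMPLE is the 11 bytes from the tls_read hex dump in the post above.
SAMPLE = bytes.fromhex("30 29 02 01 01 60 24 02 01 03 04")

# LDAP protocolOp tags (RFC 4511) likely to open a connection.
LDAP_OPS = {0x60: "BindRequest", 0x63: "SearchRequest",
            0x77: "ExtendedRequest", 0x42: "UnbindRequest"}

def read_tlv(buf, pos):
    """Parse one BER tag/length header at pos.
    Returns (tag, length, value_start), or None if the header is truncated."""
    if pos + 2 > len(buf):
        return None
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:                      # short-form length
        return tag, first, pos
    n = first & 0x7F                      # long form: n length bytes follow
    if n == 0 or pos + n > len(buf):
        return None
    return tag, int.from_bytes(buf[pos:pos + n], "big"), pos + n

def read_int(buf, pos):
    """Parse a BER INTEGER at pos; return (value, next_pos) or None."""
    tlv = read_tlv(buf, pos)
    if not tlv or tlv[0] != 0x02 or tlv[1] == 0 or tlv[2] + tlv[1] > len(buf):
        return None
    end = tlv[2] + tlv[1]
    return int.from_bytes(buf[tlv[2]:end], "big", signed=True), end

def classify(buf):
    """Label the opening bytes of a connection."""
    if len(buf) >= 3 and buf[0] == 0x16 and buf[1] == 0x03:
        return {"kind": "tls-handshake"}          # TLS record, type 22
    if len(buf) >= 3 and buf[0] & 0x80 and buf[2] == 0x01:
        return {"kind": "sslv2-client-hello"}     # 2-byte SSLv2 header
    outer = read_tlv(buf, 0)
    msg_id = read_int(buf, outer[2]) if outer and outer[0] == 0x30 else None
    op = read_tlv(buf, msg_id[1]) if msg_id else None
    if not op or op[0] not in LDAP_OPS:
        return {"kind": "unknown"}
    result = {"kind": "plaintext-ldap", "message_id": msg_id[0],
              "op": LDAP_OPS[op[0]]}
    version = read_int(buf, op[2]) if op[0] == 0x60 else None
    if version:
        result["version"] = version[0]    # BindRequest starts with version
    return result

if __name__ == "__main__":
    print(classify(SAMPLE))
```

For the dump above it reports a plaintext LDAPv3 BindRequest with message ID 1, which means the client spoke LDAP on that listener without first starting a TLS handshake.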