[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: [SSl/TLS + LDAP] Wrong version number, no shared cipher



At 12:37 AM 5/6/2004, SECRET Defense wrote:
>other test :__ with ssl3 option__
># openssl s_server -accept 1982 -cert /usr/local/openldap/var/openldap-data/servercert.pem -key /usr/local/openldap/var/openldap-data/serverkey.pem -debug -bugs -ssl3
>It DOESN'T work ! :'( (since now.. more than 3 weeks)
>the server says :
>"SSL routines : SSL3_GET_RECORD : wrong version number:s3_pkt.c:297"
>when I do :
>"# openssl s_client -connect svrldap.tzm.fr:1982 -CAfile /usr/local/openldap/var/openldap-data/cacert.pem -showcerts -state

This issue is more appropriately discussed on an OpenSSL list.

>other test : __with tls1 option__
># openssl s_server -accept 1982 -cert /usr/local/openldap/var/openldap-data/servercert.pem -key /usr/local/openldap/var/openldap-data/serverkey.pem -debug -bugs -tls1
>It DOESN'T work ! :'(
>the server says :
>"SSL routines : SSL3_GET_RECORD : wrong version number:s3_pkt.c:297"
>when I do :
>"# openssl s_client -connect svrldap.tzm.fr:1982 -CAfile /usr/local/openldap/var/openldap-data/cacert.pem -showcerts -state

This issue is more appropriately discussed on an OpenSSL list.

You should resolve the above issues before pursuing issues
regarding use of OpenSSL dependent features in OpenLDAP.

Kurt