[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Certificate Signature Failure

Siva Kollipara wrote:

i am not sure, if it were a problem with the library then it should fail
everytime i try consistently.. but this is not the case.. it only fails
when a try a particular workflow. i tried a sample application doing the
same thing and that worked fine. (i even tried a newer version of the
library - but this didnt help either)

seeking help and advice,

You've already gotten some good advice. Start by using up to date software. The current version of OpenSSL is 0.9.7d, released on March 17 2004 and containing important security fixes. Quanah has already pointed out the need to upgrade OpenLDAP.

After you've brought your software up to current revisions, if you still see the problem, debugging with something like ElectricFence may help. Generally if a program starts to misbehave after some number of runs, that tends to indicate a memory corruption somewhere, and ElectricFence may help identify it.

It's important to point out - the OpenLDAP project never releases patches to previous releases. So there's no point in diagnosing your problem on your 2.1.22 install. Patches/bugfixes are only made to the latest source. Right now that means 2.2.x; we have only two patches for 2.1 in the tree at the moment and it's doubtful that there will be any more.

I am faced with a weird error,

when i try to bind to an ldap server, i get "Certificate Signature
Failure", i am not sure why this is coming up.

I am using 0.9.7b openssl and 2.1.22 openldap. the connections happen

OpenLDAP 2.1.22 was an extremely broken release, you need to upgrade to at least 2.1.30, I suggest the latest stable release (2.2.13).

-- -- Howard Chu Chief Architect, Symas Corp. Director, Highland Sun http://www.symas.com http://highlandsun.com/hyc Symas: Premier OpenSource Development and Support