[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Newbie OpenLDAP/SSL/Certificates question

tor, 09.09.2004 kl. 17.04 skrev Stefan Champailler:

> Oh, by the way, the error I can read on the _server_ log is :
> TLS: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not 
> return a certificate s3_srvr.c:1999
> Of course, I understand that using certificates only for local prupose is 
> pointless, except that I just want to learn...

This is what any SSL-enabled server/client (http, LDAP, whatever) will
return when the info requested has been sent *unencrypted*.

> (PS: I've read in this ml policy that one shouldn't post about SSL issues, but 
> because I think my certificates are right, well, you know...)

Nope. Read up on Openssl's s_server and s_client and use those for
testing actual Openssl issues. s_client (always use the very latest
Openssl.org release) is a wonderful tool for testing all SSL client
stuff, including MTAs and IMAP servers - and, naturally ;) Openldap.


They love us, don't they, They feed us, won't they,
Oh who will think a boy and bear
Could be well accepted everywhere?
It's just amazing how fair people can be

mail: tonye@billy.demon.nl