[Date Prev][Date Next] [Chronological] [Thread] [Top]

Problem with TLS and multiple servers in URI

To: openldap-software@OpenLDAP.org
Subject: Problem with TLS and multiple servers in URI
From: Johan Andersson <johan.andersson@se.datalogic.com>
Date: Thu, 23 Sep 2004 22:05:29 +0200
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.2) Gecko/20040816

Hello,

I have been using openldap with TLS for quite some time now, and now I needed to add a backup server. Replication works fine. TLS also work, but only if I only have one server in the URI in ldap.conf. If I add the backup server to the URI, TLS stop working.The client can now reach both servers, but TLS always fail with SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure.

From what I can see, slapd stops to negotiate TLS when more than one server is specified in ldap.conf. If I start slapd when there only is one server specified in ldap.conf, and then add the second server when slapd is running, TLS suddenly works, and the client can reach both servers!

/Johan Andersson

Follow-Ups:
- Re: Problem with TLS and multiple servers in URI
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: Re: Adding users with email address
Next by Date: Re: SLAP_INDEX_SUBSTR_ANY_LEN & co
Index(es):
- Chronological
- Thread