[Date Prev][Date Next] [Chronological] [Thread] [Top]

windows client TLS connection failed



Hi,
 
I'm writing a simple ldap client for windows. I have compiled the necessary openldap library (libldap and liblber) with TLS/SSL using MSVC++ to be used by the windows client. The server is an openldap server installed in linux. Without TLS/SSL, the client can connect successfully to the server, but adding TLS (ldap_start_tls_ssl), it failed with error code 91:
ldap_start_tls_s: 91, connect error.
 
While on the server side:

daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: activity on 1 descriptors
daemon: activity on: 7r
daemon: read activity on 7
connection_get(7)
connection_get(7): got connid=0
connection_read(7): checking for input on id=0
TLS trace: SSL_accept:before/accept initialization
tls_read: want=11 error=Connection reset by peer
TLS trace: SSL_accept:error in SSLv2/v3 read client hello A
TLS: can't accept.
connection_read(7): TLS accept error error=-1 id=0, closing
connection_closing: readying conn=0 sd=7 for close
connection_close: conn=0 sd=7
daemon: removing 7
conn=0 fd=7 closed
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: activity on 1 descriptors
daemon: select: listen=6 active_threads=0 tvp=NULL
 
What does:
TLS trace: SSL_accept:error in SSLv2/v3 read client hello A
TLS: can't accept.
connection_read(7): TLS accept error error=-1 id=0, closing
means ? I've set TLSVerifyClient to never, so my guess is that there's a problem with the CA cert provided by client.
 
I installed the ca.der of the server in the windows client, and set it with:

rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTFILE, cacert);

in my code. The cacert contains the location of the ca.der and the certificate is valid.
 
Can anybody point me to the right direction, how to write an ldap client for windows...with TLS/SSL connectivity ? I've tried using SSL but it failed with the same error,  TLS trace: SSL_accept:error in SSLv2/v3 read client hello A
TLS: can't accept.
 
Thanks for your help !
lara
 


------------------------------------------------------------------------------------
La vie, voyez-vous, ca n'est jamais si bon ni si mauvais qu'on croit
- Guy de Maupassant -
------------------------------------------------------------------------------------


Do you Yahoo!?
Send holiday email and support a worthy cause. Do good.