[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS secure connection to an LDAP server



Hi all,
--- "Kurt D. Zeilenga" <Kurt@OpenLDAP.org> wrote:
> Have you gotten s_client to work with s_server?  If
> not,
> there is no reason to expect OpenLDAP Software to
> work.

I've gotten s_client to work with s_server.

Here is a sample of my s_server debug output:

  Using default temp DH parameters
  ACCEPT
  SSL_accept:before/accept initialization
  ....
  SSL_accept:SSLv3 read client hello A
  ....
  SSL_accept:SSLv3 write server hello A
  ....
  SSL_accept:SSLv3 write key exchange A
  ....
  SSL_accept:SSLv3 write server done A
  SSL_accept:SSLv3 flush data
  ....
  SSL_accept:SSLv3 write finished A
  SSL_accept:SSLv3 flush data
  ....

======================================================
And this is a part of my s_client output:

  SSL_connect:SSLv3 read server certificate A
  SSL_connect:SSLv3 read server key exchange A
  SSL_connect:SSLv3 read server done A
  SSL_connect:SSLv3 write client key exchange A
  SSL_connect:SSLv3 write change cipher spec A
  SSL_connect:SSLv3 write finished A
  SSL_connect:SSLv3 flush data
  SSL_connect:SSLv3 read finished A
  ---
  Certificate chain
  ...
  ...
  ...
  -----END CERTIFICATE-----
  ---
  Server certificate
  ---
  No client certificate CA names sent
  ---
  SSL handshake has read 2043 bytes and written 276 
bytes
  ---
  New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
  Server public key is 1024 bit
  SSL-Session:
      Protocol  : TLSv1
      Cipher    : DHE-RSA-AES256-SHA
      Session-ID: xxxxxxxxxxxxxxxxxx  
      Session-ID-ctx:
      Master-Key: xxxxxxxxxxxxxxx
      Key-Arg   : None
      Krb5 Principal: None
      Start Time: 1111619531
      Timeout   : 300 (sec)
      Verify return code: 0 (ok)
  ---
====================================================
However, s_client's connection to my ldap server still
failes.

What may I do to solve this problem please?

Thanks


 


	

	
		
__________________________________________________________________
Découvrez le nouveau Yahoo! Mail : 250 Mo d'espace de stockage pour vos mails ! 
Créez votre Yahoo! Mail sur http://fr.mail.yahoo.com/