
Bind failing under ssl



When I connect to my LDAP server using plain ol' 389, everything works
just dandy. When I connect to it via SSL, the connection is made, SSL
appears to handshake, but the bind fails. Below are the slapd logs. Any
ideas with this one? I have added in a valid CA cert and have a valid
wildcard cert.
It seems to be a pretty popular problem around these parts, but no one
seems to have posted a solution.
Thanks
Tom

# To allow TLS-enabled connections, create /etc/ssl/openldap/ldap.pem
# and uncomment the following lines.
TLSRandFile            /dev/random
TLSCipherSuite         HIGH:MEDIUM:+SSLv2
TLSCertificateFile      /etc/ssl/openldap/ldap.pem
TLSCertificateKeyFile   /etc/ssl/openldap/ldap.pem
TLSCACertificatePath   /etc/ssl/
TLSCACertificateFile    /etc/ssl/cacert.pem
#TLSCACertificateFile    /etc/ssl/openldap/ldap.pem
TLSVerifyClient never # ([never]|allow|try|demand)

Apr 25 16:06:07 nova slapd[3670]: daemon: activity on 1 descriptors
Apr 25 16:06:07 nova slapd[3670]: daemon: new connection on 12
Apr 25 16:06:07 nova slapd[3670]: conn=1 fd=12 ACCEPT from IP=209.6.223.56:32985 (IP=0.0.0.0:636)
Apr 25 16:06:07 nova slapd[3670]: daemon: added 12r
Apr 25 16:06:07 nova slapd[3670]: daemon: activity on:
Apr 25 16:06:07 nova slapd[3670]:
Apr 25 16:06:07 nova slapd[3670]: daemon: select: listen=6 active_threads=0 tvp=NULL
Apr 25 16:06:07 nova slapd[3670]: daemon: select: listen=7 active_threads=0 tvp=NULL
Apr 25 16:06:07 nova slapd[3670]: daemon: select: listen=8 active_threads=0 tvp=NULL
Apr 25 16:06:07 nova slapd[3670]: daemon: select: listen=9 active_threads=0 tvp=NULL
Apr 25 16:06:07 nova slapd[3670]: daemon: activity on 1 descriptors
Apr 25 16:06:07 nova slapd[3670]: daemon: activity on:
Apr 25 16:06:07 nova slapd[3670]:  12r
Apr 25 16:06:07 nova slapd[3670]:
Apr 25 16:06:07 nova slapd[3670]: daemon: read activity on 12
Apr 25 16:06:07 nova slapd[3670]: daemon: select: listen=6 active_threads=0 tvp=NULL
Apr 25 16:06:07 nova slapd[3670]: daemon: select: listen=7 active_threads=0 tvp=NULL
Apr 25 16:06:07 nova slapd[3670]: daemon: select: listen=8 active_threads=0 tvp=NULL
Apr 25 16:06:07 nova slapd[3670]: daemon: select: listen=9 active_threads=0 tvp=NULL
Apr 25 16:06:07 nova slapd[3670]: daemon: activity on 1 descriptors
Apr 25 16:06:07 nova slapd[3670]: daemon: activity on:
Apr 25 16:06:07 nova slapd[3670]:  12r
Apr 25 16:06:07 nova slapd[3670]:
Apr 25 16:06:07 nova slapd[3670]: daemon: read activity on 12
Apr 25 16:06:07 nova slapd[3670]: daemon: removing 12
Apr 25 16:06:07 nova slapd[3670]: conn=1 fd=12 closed
Apr 25 16:06:07 nova slapd[3670]: daemon: select: listen=6 active_threads=0 tvp=NULL
Apr 25 16:06:07 nova slapd[3670]: daemon: select: listen=7 active_threads=0 tvp=NULL
Apr 25 16:06:07 nova slapd[3670]: daemon: select: listen=8 active_threads=0 tvp=NULL
Apr 25 16:06:07 nova slapd[3670]: daemon: select: listen=9 active_threads=0 tvp=NULL
Apr 25 16:06:07 nova slapd[3670]: daemon: activity on 1 descriptors
Apr 25 16:06:07 nova slapd[3670]: daemon: select: listen=6 active_threads=0 tvp=NULL
Apr 25 16:06:07 nova slapd[3670]: daemon: select: listen=7 active_threads=0 tvp=NULL
Apr 25 16:06:07 nova slapd[3670]: daemon: select: listen=8 active_threads=0 tvp=NULL
Apr 25 16:06:07 nova slapd[3670]: daemon: select: listen=9 active_threads=0 tvp=NULL