I'm trying to get my SSL/TLS things to work with ldap, e.g. I'd like
ldapsearch -H ldaps://ldap.example.com to return entries. This command
works if I execute it on the same machine where the ldap server resides,
but not on another client!
First of all, my configuration:
ldap.conf (on both machines)
First I try to search on the "server-computer". This works fine, both
with -H ldaps://ldapserver and -ZZ. I also try to run openssl s_client
-connect ldap.example.com:636, this returns ok.
Then I move to the other computer.
Running openssl s_client -connect ldap.example.com:636 returns
10097:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake
Adding -ssl2 to the openssl command line returns
Verify return code: 0 (ok)
Running ldapsearch -H ldaps://ldap.example.com returns
TLS trace: SSL_connect:SSLv3 flush data
tls_read: want=5, got=0
TLS trace: SSL_connect:failed in SSLv3 read finished A
TLS: can't connect.
I've also tried to run openssl s_server with the same certs as the
ldapserver uses on the "servercomputer", then I try to connect with both
ldapsearch and openssl s_client, both work fine!
What could make things go wrong here? I'm using exactly the same
configuration, ca-files on both machines. I have the same openssl
version on both machines. I have OpenLDAP 2.2.26 on both machines.
Any help would be much appreciated!