[Date Prev][Date Next] [Chronological] [Thread] [Top]

Problem when activation TLSVerifyClient demand



dear list,

I have no problem to execute the command
                       
                        ldapsearch -H ldaps://  -u  "uid=anupam" -x

here is my TLS part of slapd.conf
----------------------------------------
TLSCipherSuite HIGH:MEDIUM:+SSLv2
TLSCertificateFile            /etc/openldap/myca/servercert.pem
TLSCertificateKeyFile        /etc/openldap/myca/serverkey.pem
TLSCACertificateFile         /etc/openldap/myca/cacert.pem
TLSVerifyClient  never
-----------------------------------------------------------

Now when I change the [TLSVerifyClient  never]   to    
[TLSVerifyClient  demand]
and try to execute the same command  *  ldapsearch -H ldaps://  -u 
"uid=anupam" -x  *
it gives errors like

ldap_bind: Can't contact LDAP server (-1)
        additional info: error:14094410:SSL
routines:SSL3_READ_BYTES:sslv3 alert handshake failure

Could any one suggest  the problem I have here and the solution please ?