Re: TLS trace: SSL_accept:error in SSLv2/v3 read client hello A

["Digambar Sawant" <digambar49@gmail.com>]

Dear Arkady,

 

You might have missed certificate part.

Go through my previous mail.

Use fully qualified domain name of the server's hostname while creating the certificates.

 

Use same server FQDN in ldapsearch -x -H ldaps://my-server.mycomp.co.in:636 -b "dc=test,dc=com"

 

Thanks,

Digambar

 

On 4/2/08, Dieter Kluenter <dieter@dkluenter.de> wrote:

"Arkady Shoyhet" <Arkady.Shoyhet@aladdin.com> writes:

> OK ,folks,it is really not simple…
>
> HELP ME PLEASE…
[...]

> TLS trace: SSL_accept:error in SSLv2/v3 read client hello A

> TLS: can't accept.
>
> TLS: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
> s23_srvr.c:562
>
> connection_read(11): TLS accept failure error=-1 id=1, closing
>
> connection_closing: readying conn=1 sd=11 for close
>
> connection_close: conn=1 sd=11
>
> WHY ??? What I am missing ?

one question mark should be sufficient.

something is wrong either with your certificate or with your TLS
configuration in slapd.conf and ldap.conf, please post the relevant
parts.
how did you create the certificates?

-Dieter

--
Dieter Klünter | Systemberatung
http://www.dkluenter.de
GPG Key ID:8EF7B6C6