[Date Prev][Date Next] [Chronological] [Thread] [Top]

Error, ldap_start_tls failed (-11)

To: <openldap-technical@OpenLDAP.org>
Subject: Error, ldap_start_tls failed (-11)
From: <arun.sasi1@wipro.com>
Date: Tue, 18 Sep 2012 05:07:34 +0000
Accept-language: en-US, en-IN
Content-language: en-US
Thread-index: AQHNlVuDnExBuElPckCOEC7ZfM1X9g==
Thread-topic: Error, ldap_start_tls failed (-11)

Hello Guillaume Rousse/Team,

but I can replicate with my old slave OpenLDAP servers without any issues, only changes is below.

1) Master OpenLDAP server in Ubuntu 9.04 OS and OpenLDAP version 2.4.19
2) Slave OpenLDAP servers are in Ubuntu 9.04 and OpenLDAP version 2.4.19
3) New OpenLDAP slave server in Ubuntu 12.04 and OpenLDAP Version in 2.4.28

Did we get any issue with replicattion when I replicate with old version from new slave version ?

Is there any issues if I create certificate from old version OS to new version OS.

Thanks
-Arun


Message: 2
Date: Mon, 17 Sep 2012 10:35:03 +0200
From: Guillaume Rousse <guillomovitch@gmail.com>
To: openldap-technical@openldap.org
Subject: Re: Error, ldap_start_tls failed (-11)
Message-ID: <5056E0B7.4000909@gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed

Le 16/09/2012 08:48, arun.sasi1@wipro.com a ?crit :
> for 636
> Sep 16 10:47:26 ae0043app05 slapd[10982]: slap_client_connect: URI=ldap://gb0135embldap01.emb.slb.com:636 Error, ldap_start_tls failed (-1)
> Sep 16 10:47:26 ae0043app05 slapd[10982]: do_syncrepl: rid=365 rc -1 retrying
Using plain ldap protocol on port 636 is bound to fail: either use ldaps
on this port, or plain ldap on port 389 with start_tls.

> for 389
> Sep 16 10:31:42 ae0043app05 slapd[10282]: slap_client_connect: URI=ldap://gb0135embldap01.emb.slb.com:389 Error, ldap_start_tls failed (-11)
>
> I dont know how to check TLS manually... could you please help me...
ldapsearch -H ldaps://your.server.tld -d 1

BTW, your problem seems to be a generic SSL issue, likely to comes from
your server certificate.
--
BOFH excuse #87:

Password is too complex to decrypt

Please do not print this email unless it is absolutely necessary. 

The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. 

WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. 

www.wipro.com

Follow-Ups:
- Re: Error, ldap_start_tls failed (-11)
  - From: Guillaume Rousse <guillomovitch@gmail.com>

Prev by Date: Re: Proxy setup not caching against Active Directory
Next by Date: Re: Error, ldap_start_tls failed (-11)
Index(es):
- Chronological
- Thread