[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: openldap-technical Digest, Vol 97, Issue 15



On 12/17/2015 07:14 PM, Ryan Tandy wrote:

On Thu, Dec 17, 2015 at 06:02:02PM +0300, Andrei Valoshyn wrote:
In debug slapd -d -1 output I saw that ldap is trying to load from /etc/ldap/slap.d/ directory although i had put "SLAPD_CONF=/etc/ldap/slapd.conf" to /etc/default/slapd. After I clean up /etc/ldap/slap.d/ directory ldap starting load db and schema, but still can't start with error: 
"
TLS: could not set cipher list HIGH:+TLSv1:+SSLv2:+SSLv3.
56728db6 main: TLS init def ctx failed: -1
56728db6 slapd destroy: freeing system resources.
56728db6 syncinfo_free: rid=115
56728db6 slapd stopped.
56728db6 connections_destroy: nothing to destroy.
"
When I try "openssl ciphers -v HIGH:+TLSv1:+SSLv2:+SSLv3" it's work fine without any error
Which TLS library is your slapd linked against? The cipher strings for OpenSSL are very different, for example, for the priority strings for GnuTLS. 
Issue was fixed. I have incorrect ssl certificates.
Thank guys!

--
With Best Wishes
Andrei Valoshyn
Exadel Inc.
System Administrator
avaloshyn@exadel.com


--
CONFIDENTIALITY NOTICE: This email and files attached to it are confidential. If you are not the intended recipient you are hereby notified that using, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited. If you have received this email in error please notify the sender and delete this email.