[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#7349) openldap not supporting CAMELLIA ciphers

Full_Name: Swati
Version: 2.4.32
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (

openldap is not supporting CAMELLIA based ciphers(both RSA and DSA based)
I have configured SSL LDAP(LDAPS) and on checking SSL connection with LDAPS
server with CAMELLIA based cipher leads to failure in handshake:

openssl s_client -connect localhost:636 -showcerts -cipher
DHE-DSS-CAMELLIA256-SHA -state -CAfile /path_to_cert -cert /path_to_client_cert
-key /path_to_client_key
SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL3 alert read:fatal:handshake failure
SSL_connect:error in SSLv2/v3 read server hello A
47726707455072:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert
handshake failure:s23_clnt.c:741:
no peer certificate available
No client certificate CA names sent
SSL handshake has read 7 bytes and written 102 bytes
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE

Handshake is failing with all camellia ciphers.