[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Openldap server with TLS not working



Hi ben,
thanks for the comment.
agree with you on TLS usage should be perferred
but the client that is connecting is only capable of LDAPS ... he has not implemented TLS Client jet .

But can you please take a look to the error I am facing

openssl s_client -connect 192.168.30.169:389 -showcerts -CAfile ./ssl/VordelCA.crt
CONNECTED(00000003)
710:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188:

any idea what can cause this ?
 

AXEL GROSSE
Principal Solution Architect, Sales Solution Center, Axway
P: +61-405-995-768 
828 Pacific Highway
Gordon, 2072 NSW
agrosse@axway.com
http://www.axway.com

-----Original Message-----
From: openldap-technical-bounces@OpenLDAP.org [mailto:openldap-technical-bounces@OpenLDAP.org] On Behalf Of btb
Sent: Wednesday, 2 October 2013 10:57 PM
To: openldap-technical@openldap.org
Subject: Re: Openldap server with TLS not working

On 2013.10.02 07.29, Axel Grosse wrote:

> when I test on the server itself ..
> openssl s_client -connect 192.168.30.169:389 -showcerts -CAfile 
> ./ssl/VordelCA.crt
> CONNECTED(00000003)
> 710:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188:

ldaps [port 636] is deprecated.  use starttls with the standard port [389].  to test, just use ldapsearch [see the reference to -Z in the man page]

-ben