Bug#502547: marked as done (libldap-2.4-2: client libldap doesn't send TLS certificate)

Mon, 28 Mar 2011 03:21:25 -0700 

Your message dated Mon, 28 Mar 2011 12:11:00 +0200
with message-id <[email protected]>
and subject line Re: libldap-2.4-2: client libldap doesn't send TLS certificate
has caused the Debian Bug report #502547,
regarding libldap-2.4-2: client libldap doesn't send TLS certificate
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
502547: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=502547
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: libldap-2.4-2
Version: 2.4.11-1
Severity: normal

server slapd.conf:
TLSCACertificateFile /etc/ldap/server.crt
TLSCertificateFile /etc/ldap/server.crt
TLSCertificateKeyFile /etc/ldap/server.key
TLSVerifyClient true

client ldap.conf:
BASE dc=example,dc=org
URI ldaps://ldap.example.org
TLS_CACERT /etc/ldap/server.crt
TLS_CERT /etc/ldap/server.crt
TLS_KEY /etc/ldap/server.key

client log:
ldapsearch -d 255 -x
TLS: can't connect: A TLS fatal alert has been received..
ldap_err2string
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)

server log:
TLS trace: SSL3 alert write:fatal:handshake failure
TLS trace: SSL_accept:error in SSLv3 read client certificate B
TLS: can't accept.
TLS: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not 
return a certificate s3_srvr.c:2455


-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-1-686 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages libldap-2.4-2 depends on:
ii  libc6                    2.7-15          GNU C Library: Shared libraries
ii  libgnutls26              2.4.2-1         the GNU TLS library - runtime libr
ii  libsasl2-2               2.1.22.dfsg1-23 Cyrus SASL - authentication abstra

libldap-2.4-2 recommends no packages.

libldap-2.4-2 suggests no packages.

-- no debconf information

--- End Message ---
--- Begin Message --- 
No information received in 2 years, closing this bug now.

If the bugsubmitter disagrees with this, please reopen and add some more info
to reproduce this.

Regards,

Matthijs Möhlmann

--- End Message ---

Reply via email to