[ http://issues.apache.org/jira/browse/DIR-185?page=comments#action_12416333 ]
Ralf Hauser commented on DIR-185: --------------------------------- apart from 1) catching the SSLHandshakeException in org.apache.mina.filter.support.SSLHandler.unwrapHandshake and amending its message with some hints for the .ldaprc and the gpg option before re-throwing, and 2) amending the docu in http://directory.apache.org/subprojects/apacheds/docs/users/configuration.html correspondingly I guess this issue can be closed as "WORKSFORME" > ldaps not working with gpg > -------------------------- > > Key: DIR-185 > URL: http://issues.apache.org/jira/browse/DIR-185 > Project: Directory > Type: Bug > Components: miscellaneous > Environment: cygwin gpg (GnuPG) 1.4.1 > Reporter: Ralf Hauser > Assignee: Alex Karasulu > > when doing > myPc> gpg --keyserver ldaps://localhost:2636 --search micky -v > gpg: searching for "micky -v" from ldaps server localhost > gpgkeys: unable to retrieve LDAP base: Can't contact LDAP server > gpg: key "micky -v" not found on keyserver > gpg: keyserver internal error > gpg: keyserver search failed: keyserver error > on the server-side, I see > <<7594 [IoThreadPool-1] INFO > org.apache.directory.server.ldap.LdapProtocolProvider$LdapProtocolHandler - > [/127.0.0.1:1808] OPENED > 8016 [IoThreadPool-1] INFO > org.apache.directory.server.ldap.LdapProtocolProvider$LdapProtocolHandler - > [/127.0.0.1:1808] CLOSED > 8016 [IoThreadPool-1] ERROR > org.apache.directory.server.ldap.LdapProtocolProvider$LdapProtocolHandler - > [/127.0.0.1:1808] EXCEPTION: > javax.net.ssl.SSLHandshakeException: Initial SSL handshake failed. > at org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:422) > at > org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:494) > at > org.apache.mina.common.support.AbstractIoFilterChain.access$1000(AbstractIoFilterChain.java:52) > at > org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:761) > at > org.apache.mina.filter.ThreadPoolFilter.processEvent(ThreadPoolFilter.java:665) > at > org.apache.mina.filter.ThreadPoolFilter$Worker.processEvents(ThreadPoolFilter.java:421) > at > org.apache.mina.filter.ThreadPoolFilter$Worker.run(ThreadPoolFilter.java:376) > Caused by: javax.net.ssl.SSLException: Received fatal alert: unknown_ca > at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:166) > at > com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1352) > at > com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1320) > at > com.sun.net.ssl.internal.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1482) > at > com.sun.net.ssl.internal.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:957) > at > com.sun.net.ssl.internal.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:782) > at > com.sun.net.ssl.internal.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:674) > at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:566) > at > org.apache.mina.filter.support.SSLHandler.unwrapHandshake(SSLHandler.java:675) > at > org.apache.mina.filter.support.SSLHandler.handshake(SSLHandler.java:492) > at > org.apache.mina.filter.support.SSLHandler.messageReceived(SSLHandler.java:291) > at org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:390) > ... 6 more>> > it would be great to know what ca gpg is presenting or what other measures > would make this work... -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
