[
https://issues.apache.org/jira/browse/DIRSERVER-2043?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15272052#comment-15272052
]
Robert Campbell commented on DIRSERVER-2043:
--------------------------------------------
This is a default install of the ADS and Studio on the Mac, used for
development, testing and learning. We were about to move to production server
and have had a Centos instance running as well, all using 10386 not encrypted
for ease of use. Now we're migrating to production and adding SSL/TLS things
aren't working as expected on both instances.
The only changes I have done is to check the boxes in DS GUI to enable TLS 1.0,
1.1, 1.2 .
But you are correct in that all three of the settings are like
{{ads-enabledprotocols =TLSV1.2}}
i.e. capitalised, however changing these to {{TLSv1.2}} etc. does not seem to
make a difference, except I'm back to the short error message.
Error while opening connection
- SSL handshake failed.
org.apache.directory.ldap.client.api.exception.InvalidConnectionException: SSL
handshake failed.
at
org.apache.directory.ldap.client.api.LdapNetworkConnection.writeRequest(LdapNetworkConnection.java:4149)
at
org.apache.directory.ldap.client.api.LdapNetworkConnection.bindAsync(LdapNetworkConnection.java:1300)
at
org.apache.directory.ldap.client.api.LdapNetworkConnection.bind(LdapNetworkConnection.java:1198)
at
org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper$2.run(DirectoryApiConnectionWrapper.java:365)
at
org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.runAndMonitor(DirectoryApiConnectionWrapper.java:1171)
at
org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.doBind(DirectoryApiConnectionWrapper.java:457)
at
org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.bind(DirectoryApiConnectionWrapper.java:303)
at
org.apache.directory.studio.connection.core.jobs.OpenConnectionsRunnable.run(OpenConnectionsRunnable.java:114)
at
org.apache.directory.studio.connection.core.jobs.StudioConnectionJob.run(StudioConnectionJob.java:109)
at org.eclipse.core.internal.jobs.Worker.run(Worker.java:54)
SSL handshake failed.
> SSL connection failures errors are useless
> ------------------------------------------
>
> Key: DIRSERVER-2043
> URL: https://issues.apache.org/jira/browse/DIRSERVER-2043
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 2.0.0-M19
> Reporter: Roy Wellington
> Priority: Minor
>
> When connecting, if StartTLS fails, you get an error such as the following:
> {noformat}
> Error while opening connection
> - SSL handshake failed.
> org.apache.directory.ldap.client.api.exception.InvalidConnectionException:
> SSL handshake failed.
> at
> org.apache.directory.ldap.client.api.LdapNetworkConnection.writeRequest(LdapNetworkConnection.java:3939)
> at
> org.apache.directory.ldap.client.api.LdapNetworkConnection.bindAsync(LdapNetworkConnection.java:1178)
> at
> org.apache.directory.ldap.client.api.LdapNetworkConnection.bind(LdapNetworkConnection.java:1076)
> at
> org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper$2.run(DirectoryApiConnectionWrapper.java:368)
> at
> org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.runAndMonitor(DirectoryApiConnectionWrapper.java:1175)
> at
> org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.doBind(DirectoryApiConnectionWrapper.java:460)
> at
> org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.bind(DirectoryApiConnectionWrapper.java:306)
> at
> org.apache.directory.studio.connection.core.jobs.OpenConnectionsRunnable.run(OpenConnectionsRunnable.java:114)
> at
> org.apache.directory.studio.connection.core.jobs.StudioConnectionJob.run(StudioConnectionJob.java:109)
> at org.eclipse.core.internal.jobs.Worker.run(Worker.java:54)
> SSL handshake failed.
> {noformat}
> But _why_ did the SSL handshake fail? I don't need the stack trace, I need to
> know what exactly failed, something like what Firefox/Chrome do on SSL
> failures. I'm trying to debug this right now, and I have absolutely no idea
> what's going on here.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
