[ https://issues.apache.org/jira/browse/DIRSERVER-2043?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15272052#comment-15272052 ]
Robert Campbell commented on DIRSERVER-2043: -------------------------------------------- This is a default install of the ADS and Studio on the Mac, used for development, testing and learning. We were about to move to production server and have had a Centos instance running as well, all using 10386 not encrypted for ease of use. Now we're migrating to production and adding SSL/TLS things aren't working as expected on both instances. The only changes I have done is to check the boxes in DS GUI to enable TLS 1.0, 1.1, 1.2 . But you are correct in that all three of the settings are like {{ads-enabledprotocols =TLSV1.2}} i.e. capitalised, however changing these to {{TLSv1.2}} etc. does not seem to make a difference, except I'm back to the short error message. Error while opening connection - SSL handshake failed. org.apache.directory.ldap.client.api.exception.InvalidConnectionException: SSL handshake failed. at org.apache.directory.ldap.client.api.LdapNetworkConnection.writeRequest(LdapNetworkConnection.java:4149) at org.apache.directory.ldap.client.api.LdapNetworkConnection.bindAsync(LdapNetworkConnection.java:1300) at org.apache.directory.ldap.client.api.LdapNetworkConnection.bind(LdapNetworkConnection.java:1198) at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper$2.run(DirectoryApiConnectionWrapper.java:365) at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.runAndMonitor(DirectoryApiConnectionWrapper.java:1171) at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.doBind(DirectoryApiConnectionWrapper.java:457) at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.bind(DirectoryApiConnectionWrapper.java:303) at org.apache.directory.studio.connection.core.jobs.OpenConnectionsRunnable.run(OpenConnectionsRunnable.java:114) at org.apache.directory.studio.connection.core.jobs.StudioConnectionJob.run(StudioConnectionJob.java:109) at org.eclipse.core.internal.jobs.Worker.run(Worker.java:54) SSL handshake failed. > SSL connection failures errors are useless > ------------------------------------------ > > Key: DIRSERVER-2043 > URL: https://issues.apache.org/jira/browse/DIRSERVER-2043 > Project: Directory ApacheDS > Issue Type: Bug > Affects Versions: 2.0.0-M19 > Reporter: Roy Wellington > Priority: Minor > > When connecting, if StartTLS fails, you get an error such as the following: > {noformat} > Error while opening connection > - SSL handshake failed. > org.apache.directory.ldap.client.api.exception.InvalidConnectionException: > SSL handshake failed. > at > org.apache.directory.ldap.client.api.LdapNetworkConnection.writeRequest(LdapNetworkConnection.java:3939) > at > org.apache.directory.ldap.client.api.LdapNetworkConnection.bindAsync(LdapNetworkConnection.java:1178) > at > org.apache.directory.ldap.client.api.LdapNetworkConnection.bind(LdapNetworkConnection.java:1076) > at > org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper$2.run(DirectoryApiConnectionWrapper.java:368) > at > org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.runAndMonitor(DirectoryApiConnectionWrapper.java:1175) > at > org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.doBind(DirectoryApiConnectionWrapper.java:460) > at > org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.bind(DirectoryApiConnectionWrapper.java:306) > at > org.apache.directory.studio.connection.core.jobs.OpenConnectionsRunnable.run(OpenConnectionsRunnable.java:114) > at > org.apache.directory.studio.connection.core.jobs.StudioConnectionJob.run(StudioConnectionJob.java:109) > at org.eclipse.core.internal.jobs.Worker.run(Worker.java:54) > SSL handshake failed. > {noformat} > But _why_ did the SSL handshake fail? I don't need the stack trace, I need to > know what exactly failed, something like what Firefox/Chrome do on SSL > failures. I'm trying to debug this right now, and I have absolutely no idea > what's going on here. -- This message was sent by Atlassian JIRA (v6.3.4#6332)