[ https://issues.apache.org/jira/browse/DIRSERVER-2043?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15272110#comment-15272110 ]
Emmanuel Lecharny commented on DIRSERVER-2043: ---------------------------------------------- It's possible that Studio has a bug, and inject the wrong protocolVersion in the server's configuration. I will investigate that asap. Now, as a workaround, you should be able to change this configuration by modifying the file that contains the {{ads-enabledProtocol}} strings on the server. It's {{ldapServer.ldif}}, you should typically see : {norformat} ... dn: ads-transportid=ldaps,ou=transports,ads-serverId=ldapServer,ou=servers,ads-directoryServiceId=default,ou=config ads-systemport: 10636 ads-transportenablessl: true ads-transportaddress: localhost ads-transportid: ldaps ads-needClientAuth: false ads-wantClientAuth: true ads-enabledCiphers: ... ads-enabledProtocols: TLSV1 ads-enabledProtocols: TLSV1.1 ads-enabledProtocols: TLSV1.2 objectclass: ads-transport objectclass: ads-tcpTransport objectclass: top ads-enabled: true ... {noformat} Otherwise, I strongly suggest you only keep TLSv1.2... > SSL connection failures errors are useless > ------------------------------------------ > > Key: DIRSERVER-2043 > URL: https://issues.apache.org/jira/browse/DIRSERVER-2043 > Project: Directory ApacheDS > Issue Type: Bug > Affects Versions: 2.0.0-M19 > Reporter: Roy Wellington > Priority: Minor > > When connecting, if StartTLS fails, you get an error such as the following: > {noformat} > Error while opening connection > - SSL handshake failed. > org.apache.directory.ldap.client.api.exception.InvalidConnectionException: > SSL handshake failed. > at > org.apache.directory.ldap.client.api.LdapNetworkConnection.writeRequest(LdapNetworkConnection.java:3939) > at > org.apache.directory.ldap.client.api.LdapNetworkConnection.bindAsync(LdapNetworkConnection.java:1178) > at > org.apache.directory.ldap.client.api.LdapNetworkConnection.bind(LdapNetworkConnection.java:1076) > at > org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper$2.run(DirectoryApiConnectionWrapper.java:368) > at > org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.runAndMonitor(DirectoryApiConnectionWrapper.java:1175) > at > org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.doBind(DirectoryApiConnectionWrapper.java:460) > at > org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.bind(DirectoryApiConnectionWrapper.java:306) > at > org.apache.directory.studio.connection.core.jobs.OpenConnectionsRunnable.run(OpenConnectionsRunnable.java:114) > at > org.apache.directory.studio.connection.core.jobs.StudioConnectionJob.run(StudioConnectionJob.java:109) > at org.eclipse.core.internal.jobs.Worker.run(Worker.java:54) > SSL handshake failed. > {noformat} > But _why_ did the SSL handshake fail? I don't need the stack trace, I need to > know what exactly failed, something like what Firefox/Chrome do on SSL > failures. I'm trying to debug this right now, and I have absolutely no idea > what's going on here. -- This message was sent by Atlassian JIRA (v6.3.4#6332)