[
https://issues.apache.org/jira/browse/DIRSERVER-2043?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15548503#comment-15548503
]
Andreas Riddering commented on DIRSERVER-2043:
----------------------------------------------
I could give it a try later on, if its possible to test this on the
test-environment. But as there are serveral hundrets of people using the
prouctive env and as its configured with HA stuff and so on, it won't be
possible to change this within a short matter of time.
I am just wondering, why ADS is working fine with an older Java-Version, but
refuses to connect to the same server when working with a newer version. There
must be something, thats taking into account?!?
As i did some testing, your supposal with TLSv1.1 could solve our problem. I
tried to connect to the (older) server with tls1_1 via openssl, and it didnt
work. Using a newer server, which supports TLS1.1 and 1.2 can be connected to
via ADS and newer JavaVersion.
So, is it possible to start ADS (with newer Java Version) with TLS1(.0) Support
enabled?
For the short term it only needs to use the older java version or has tls1(.0)
support enabled. Couldn't find out how this is possible...
> SSL connection failures errors are useless
> ------------------------------------------
>
> Key: DIRSERVER-2043
> URL: https://issues.apache.org/jira/browse/DIRSERVER-2043
> Project: Directory ApacheDS
> Issue Type: Bug
> Affects Versions: 2.0.0-M19
> Reporter: Roy Wellington
> Priority: Minor
>
> When connecting, if StartTLS fails, you get an error such as the following:
> {noformat}
> Error while opening connection
> - SSL handshake failed.
> org.apache.directory.ldap.client.api.exception.InvalidConnectionException:
> SSL handshake failed.
> at
> org.apache.directory.ldap.client.api.LdapNetworkConnection.writeRequest(LdapNetworkConnection.java:3939)
> at
> org.apache.directory.ldap.client.api.LdapNetworkConnection.bindAsync(LdapNetworkConnection.java:1178)
> at
> org.apache.directory.ldap.client.api.LdapNetworkConnection.bind(LdapNetworkConnection.java:1076)
> at
> org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper$2.run(DirectoryApiConnectionWrapper.java:368)
> at
> org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.runAndMonitor(DirectoryApiConnectionWrapper.java:1175)
> at
> org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.doBind(DirectoryApiConnectionWrapper.java:460)
> at
> org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.bind(DirectoryApiConnectionWrapper.java:306)
> at
> org.apache.directory.studio.connection.core.jobs.OpenConnectionsRunnable.run(OpenConnectionsRunnable.java:114)
> at
> org.apache.directory.studio.connection.core.jobs.StudioConnectionJob.run(StudioConnectionJob.java:109)
> at org.eclipse.core.internal.jobs.Worker.run(Worker.java:54)
> SSL handshake failed.
> {noformat}
> But _why_ did the SSL handshake fail? I don't need the stack trace, I need to
> know what exactly failed, something like what Firefox/Chrome do on SSL
> failures. I'm trying to debug this right now, and I have absolutely no idea
> what's going on here.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
