Anthony Winstanley created DIRSTUDIO-1173:
---------------------------------------------
Summary: StartTLS fails when required by LDAP service
Key: DIRSTUDIO-1173
URL: https://issues.apache.org/jira/browse/DIRSTUDIO-1173
Project: Directory Studio
Issue Type: Bug
Affects Versions: 2.0.0-M13
Environment: Windows 10 Pro 64bit
Reporter: Anthony Winstanley

We have 389-ds sitting behind an f5 load balancer. The load balancer requires
connections on port 389 to use StartTLS. It makes connections to the 389-ds
servers on port 389 using StartTLS.

If I connect directly to port 389 on a 389-ds server with "Use StartTLS
extension", the connection is fine. If I change the hostname of this connection
to the load-balanced hostname, I get:

"The connection failed - [LDAP: error code 48 - STARTTLS required]"

However, ldapsearch successfully makes STARTTLS connections through the load
balancer like:

    ldapsearch -x -H ldap://lbhost.example.com -ZZ

My guess is that ADS is not activating StartTLS soon enough when connecting to
port 389... which is fine if the connection doesn't require the use of
StartTLS, but unworkable when it does.

Of course, I'm hoping this is an easy fix...
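Added example (not part of the report and not Directory Studio code): one way to check from a packet capture whether a client sends the StartTLS extended request before any other LDAP operation, which is the ordering the reporter's guess is about. It assumes the client's cleartext LDAP PDUs have already been extracted from the capture; the two sample PDUs are constructed here and all function names are illustrative.

```python
STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"  # StartTLS requestName, RFC 4511 sec. 4.14
OPS = {0x60: "BindRequest", 0x63: "SearchRequest", 0x77: "ExtendedRequest"}

def tlv(tag, body):
    """Encode one BER element with a definite length."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(raw)]) + raw + body

def read_tlv(buf, pos=0):
    """Decode one BER element at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits count the length octets
        k = length & 0x7F
        if k == 0 or pos + k > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + k], "big")
        pos += k
    if pos + length > len(buf):
        raise ValueError("truncated value")
    return tag, buf[pos:pos + length], pos + length

def classify(pdu):
    """Name the protocolOp carried by one LDAPMessage."""
    tag, msg, _ = read_tlv(pdu)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage SEQUENCE")
    _, _, pos = read_tlv(msg)  # skip the messageID INTEGER
    op, body, _ = read_tlv(msg, pos)
    if op == 0x77 and body:
        name_tag, name, _ = read_tlv(body)  # [0] requestName
        if name_tag == 0x80 and name == STARTTLS_OID:
            return "StartTLS"
    return OPS.get(op, "other(0x%02x)" % op)

def starttls_sent_first(pdus):
    """True only if the first client PDU is the StartTLS extended request."""
    return bool(pdus) and classify(pdus[0]) == "StartTLS"

# Constructed sample PDUs (not captured traffic): StartTLS and an anonymous bind.
def message(msg_id, op):
    return tlv(0x30, tlv(0x02, bytes([msg_id])) + op)
STARTTLS = message(1, tlv(0x77, tlv(0x80, STARTTLS_OID)))
ANON_BIND = message(1, tlv(0x60, tlv(0x02, b"\x03") + tlv(0x04, b"") + tlv(0x80, b"")))
```

Running `starttls_sent_first` over the client PDUs from both the working `ldapsearch -ZZ` session and the failing session shows whether the two clients differ in what they send first.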