Hi

My netapp filer is happily doing ldap over ssl lookups for account information to my RHEL 6.7 testing ipa server (ipa-server-3.0.0-47.el6_7.1.x86_64).

However, when I switch the filer to use my RHEL 7.2 ipa server (ipa-server-4.2.0-15.el7_2.3.x86_64) the lookup doesn't work.

In the dirsrv log file I see entries like this:

[28/Jan/2016:09:17:45 +0000] conn=1338 fd=112 slot=112 SSL connection from xxx.xxx.xxx.xxx to yyy.yyy.yy.yyy [28/Jan/2016:09:17:45 +0000] conn=1338 op=-1 fd=112 closed - Cannot communicate securely with peer: no common encryption algorithm(s).

(xxx.xxx.xxx.xxx is the filer ip address and yyy.yyy.yyy.yyy is the ipa server ip address).

Looking in the ldap directory for fields with cipher in the name shows a very different set of nssslenabledciphers between the two ipa-server versions.

I wonder if this might be the issue?

Can the ldap server tell me what ciphers its being requested to use by the filer?

Thanks

Roderick Johnstone




--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project

Reply via email to