I have a problem with TLS support when working with outlook. My slapd.conf file is:
TLSCACertificateFile /etc/postfix/cacert.pem TLSCertificateFile /etc/postfix/CAsrvcvs.pem TLSCertificateKeyFile /etc/postfix/CAsrvcvs_key.pem TLSRandFile /dev/urandom TLSCipherSuite SSLv3 TLSVerifyClient allow When I try to obtain address book from outlook I get following debug information: daemon: activity on 1 descriptor daemon: activity on: daemon: listen=7, new connection on 11 ldap_pvt_gethostbyname_a: host=srvcvs.sftb.ru, r=0 daemon: added 11r conn=0 fd=11 ACCEPT from IP=192.168.0.10:4385 (IP=192.168.0.190:389) daemon: select: listen=7 active_threads=0 tvp=NULL daemon: activity on 1 descriptor daemon: activity on: 11r daemon: read active on 11 connection_get(11) connection_get(11): got connid=0 connection_read(11): checking for input on id=0 TLS trace: SSL_accept:before/accept initialization tls_read: want=11, got=11 0000: 80 4c 01 03 01 00 33 00 00 00 10 .L....3.... tls_read: want=67, got=67 0000: 00 00 04 00 00 05 00 00 0a 01 00 80 07 00 c0 03 ................ 0010: 00 80 00 00 09 06 00 40 00 00 64 00 00 62 00 00 [EMAIL PROTECTED] 0020: 03 00 00 06 02 00 80 04 00 80 00 00 13 00 00 12 ................ 0030: 00 00 63 86 c0 1e 0a 70 c6 05 fb e8 af b8 4c 07 ..c....p......L. 0040: be 86 9b ... TLS trace: SSL_accept:SSLv3 read client hello A TLS trace: SSL_accept:SSLv3 write server hello A TLS trace: SSL_accept:SSLv3 write certificate A TLS trace: SSL_accept:SSLv3 write certificate request A tls_write: want=1219, written=1219 0000: 16 03 01 00 4a 02 00 00 46 03 01 45 3f 63 93 9f ....J...F..E?c.. 0010: ab 9c 45 b3 93 be c2 ab 02 fc 33 ae 36 36 4e 38 ..E.......3.66N8 0020: e7 a5 f2 e7 c9 d9 6d ce 99 d3 c0 20 f9 49 e8 29 ......m.... .I.) 0030: 58 a3 3c 67 3c d5 a2 20 47 90 0a 43 3a fc d0 c3 X.<g<.. G..C:... 0040: 36 50 73 e7 3a e4 e2 a0 8b 17 35 96 00 04 00 16 6Ps.:.....5..... 0050: 03 01 03 c7 0b 00 03 c3 00 03 c0 00 03 bd 30 82 ..............0. 0060: 03 b9 30 82 03 22 a0 03 02 01 02 02 01 01 30 0d ..0.."........0. 0070: 06 09 2a 86 48 86 f7 0d 01 01 04 05 00 30 81 91 ..*.H........0.. 0080: 31 0b 30 09 06 03 55 04 06 13 02 52 55 31 0f 30 1.0...U....RU1.0 0090: 0d 06 03 55 04 08 13 06 4d 6f 73 63 6f 77 31 0f ...U....Moscow1. 00a0: 30 0d 06 03 55 04 07 13 06 4d 6f 73 63 6f 77 31 0...U....Moscow1 00b0: 14 30 12 06 03 55 04 0a 13 0b 53 6f 76 66 69 6e .0...U....Sovfin 00c0: 74 72 61 64 65 31 11 30 0f 06 03 55 04 0b 13 08 trade1.0...U.... 00d0: 6f 70 65 6e 6c 64 61 70 31 17 30 15 06 03 55 04 openldap1.0...U. 00e0: 03 13 0e 73 72 76 63 76 73 2e 73 66 74 62 2e 72 ...srvcvs.sftb.r 00f0: 75 31 1e 30 1c 06 09 2a 86 48 86 f7 0d 01 09 01 u1.0...*.H...... 0100: 16 0f 62 61 72 61 6e 69 6e 40 73 66 74 62 2e 72 [EMAIL PROTECTED] 0110: 75 30 1e 17 0d 30 36 31 30 32 35 30 39 34 30 31 u0...06102509401 0120: 39 5a 17 0d 30 37 31 30 32 35 30 39 34 30 31 39 9Z..071025094019 0130: 5a 30 81 91 31 0b 30 09 06 03 55 04 06 13 02 52 Z0..1.0...U....R 0140: 55 31 0f 30 0d 06 03 55 04 08 13 06 4d 6f 73 63 U1.0...U....Mosc 0150: 6f 77 31 0f 30 0d 06 03 55 04 07 13 06 4d 6f 73 ow1.0...U....Mos 0160: 63 6f 77 31 14 30 12 06 03 55 04 0a 13 0b 53 6f cow1.0...U....So 0170: 76 66 69 6e 74 72 61 64 65 31 11 30 0f 06 03 55 vfintrade1.0...U 0180: 04 0b 13 08 6f 70 65 6e 6c 64 61 70 31 17 30 15 ....openldap1.0. 0190: 06 03 55 04 03 13 0e 73 72 76 63 76 73 2e 73 66 ..U....srvcvs.sf 01a0: 74 62 2e 72 75 31 1e 30 1c 06 09 2a 86 48 86 f7 tb.ru1.0...*.H.. 01b0: 0d 01 09 01 16 0f 62 61 72 61 6e 69 6e 40 73 66 [EMAIL PROTECTED] 01c0: 74 62 2e 72 75 30 81 9f 30 0d 06 09 2a 86 48 86 tb.ru0..0...*.H. 01d0: f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 ...........0.... 01e0: 81 00 e0 4c b1 98 54 d6 82 5c 66 50 78 5b a6 8a ...L..T..\fPx[.. 01f0: 38 01 f1 8d da fb 98 a7 16 9d cf 2b f6 c3 3e 95 8..........+..>. 0200: de 7f ba 50 aa 29 a8 59 21 60 1f db ea ab 81 de ...P.).Y!`...... 0210: 66 24 46 63 85 c4 ca 08 90 4e cd f1 b7 ee 6d a6 f$Fc.....N....m. 0220: 53 ea 09 37 10 ee bb b2 e8 65 d7 85 9b 32 ba c1 S..7.....e...2.. 0230: ee 2c e4 4b 4e d9 e2 e2 42 5f c2 0a 08 15 f6 08 .,.KN...B_...... 0240: fa 89 77 6e cd b5 62 d1 20 2c c3 74 66 04 e7 e4 ..wn..b. ,.tf... 0250: 40 6c f1 13 4e 40 21 93 22 dd 06 22 66 92 20 24 @[EMAIL PROTECTED]".."f. $ 0260: 08 df 02 03 01 00 01 a3 82 01 1d 30 82 01 19 30 ...........0...0 0270: 09 06 03 55 1d 13 04 02 30 00 30 2c 06 09 60 86 ...U....0.0,..`. 0280: 48 01 86 f8 42 01 0d 04 1f 16 1d 4f 70 65 6e 53 H...B......OpenS 0290: 53 4c 20 47 65 6e 65 72 61 74 65 64 20 43 65 72 SL Generated Cer 02a0: 74 69 66 69 63 61 74 65 30 1d 06 03 55 1d 0e 04 tificate0...U... 02b0: 16 04 14 22 71 37 4a 07 40 63 4f 50 ec de 6b 83 ..."[EMAIL PROTECTED] 02c0: 43 fc ed 56 35 b6 12 30 81 be 06 03 55 1d 23 04 C..V5..0....U.#. 02d0: 81 b6 30 81 b3 80 14 28 6f 0a 2d ae 7e c7 c4 0c ..0....(o.-.~... 02e0: 73 03 00 f6 cd e9 e8 2b b5 45 d5 a1 81 97 a4 81 s......+.E...... 02f0: 94 30 81 91 31 0b 30 09 06 03 55 04 06 13 02 52 .0..1.0...U....R 0300: 55 31 0f 30 0d 06 03 55 04 08 13 06 4d 6f 73 63 U1.0...U....Mosc 0310: 6f 77 31 0f 30 0d 06 03 55 04 07 13 06 4d 6f 73 ow1.0...U....Mos 0320: 63 6f 77 31 14 30 12 06 03 55 04 0a 13 0b 53 6f cow1.0...U....So 0330: 76 66 69 6e 74 72 61 64 65 31 11 30 0f 06 03 55 vfintrade1.0...U 0340: 04 0b 13 08 6f 70 65 6e 6c 64 61 70 31 17 30 15 ....openldap1.0. 0350: 06 03 55 04 03 13 0e 73 72 76 63 76 73 2e 73 66 ..U....srvcvs.sf 0360: 74 62 2e 72 75 31 1e 30 1c 06 09 2a 86 48 86 f7 tb.ru1.0...*.H.. 0370: 0d 01 09 01 16 0f 62 61 72 61 6e 69 6e 40 73 66 [EMAIL PROTECTED] 0380: 74 62 2e 72 75 82 01 00 30 0d 06 09 2a 86 48 86 tb.ru...0...*.H. 0390: f7 0d 01 01 04 05 00 03 81 81 00 30 2b 4e 3a bd ...........0+N:. 03a0: a5 02 83 ef a0 f6 ed b6 ec c0 b5 30 d1 18 9c 8c ...........0.... 03b0: 8a c2 e6 8c e5 f9 17 c6 3b 8d 9d 09 3c 99 f6 34 ........;...<..4 03c0: da d2 51 3e 1a 76 4e c4 8a 5a cd ef ea 41 6e 7c ..Q>.vN..Z...An| 03d0: 74 b1 2d ad 36 bb 0b e0 19 1d ee b5 96 73 27 f8 t.-.6........s'. 03e0: ee 2d 78 23 cf 4a 13 31 1b 7c c0 8e 09 2e 96 e9 .-x#.J.1.|...... 03f0: 00 fb c7 05 2d 0e 72 e2 f9 e5 85 5a 84 89 9d ea ....-.r....Z.... 0400: 55 6a 46 61 7c d2 5a 32 12 8c e0 bb fa a1 08 d5 UjFa|.Z2........ 0410: 03 8d d4 4e 39 5d af 44 84 1b 61 16 03 01 00 a3 ...N9].D..a..... 0420: 0d 00 00 9b 02 01 02 00 96 00 94 30 81 91 31 0b ...........0..1. 0430: 30 09 06 03 55 04 06 13 02 52 55 31 0f 30 0d 06 0...U....RU1.0.. 0440: 03 55 04 08 13 06 4d 6f 73 63 6f 77 31 0f 30 0d .U....Moscow1.0. 0450: 06 03 55 04 07 13 06 4d 6f 73 63 6f 77 31 14 30 ..U....Moscow1.0 0460: 12 06 03 55 04 0a 13 0b 53 6f 76 66 69 6e 74 72 ...U....Sovfintr 0470: 61 64 65 31 11 30 0f 06 03 55 04 0b 13 08 6f 70 ade1.0...U....op 0480: 65 6e 6c 64 61 70 31 17 30 15 06 03 55 04 03 13 enldap1.0...U... 0490: 0e 73 72 76 63 76 73 2e 73 66 74 62 2e 72 75 31 .srvcvs.sftb.ru1 04a0: 1e 30 1c 06 09 2a 86 48 86 f7 0d 01 09 01 16 0f .0...*.H........ 04b0: 62 61 72 61 6e 69 6e 40 73 66 74 62 2e 72 75 0e [EMAIL PROTECTED] 04c0: 00 00 00 ... TLS trace: SSL_accept:SSLv3 flush data tls_read: want=5 error=Resource temporarily unavailable !!!!! TLS trace: SSL_accept:error in SSLv3 read client certificate A TLS trace: SSL_accept:error in SSLv3 read client certificate A !!!!! daemon: select: listen=7 active_threads=0 tvp=NULL Including option TLSVerifyClient never to slapd.conf does not result. What I do wrong? Please help me! --- You are currently subscribed to [email protected] as: [EMAIL PROTECTED] To unsubscribe send email to [EMAIL PROTECTED] with the word UNSUBSCRIBE as the SUBJECT of the message.
