slapd.conf
TLSCertificateFile
/etc/openldap/cert.pem
TLSCertificateKeyFile /etc/openldap/key.pem
TLSCertificateKeyFile /etc/openldap/key.pem
ldap.conf
TLS_CACERT
/etc/openldap/cert.pem
command
[EMAIL PROTECTED] tameem]# openssl s_client -connect
localhost:389 -CAfile /etc/o
penldap/cert.pem -key /etc/openldap/key.pem -state -debug
penldap/cert.pem -key /etc/openldap/key.pem -state -debug
result
CONNECTED(00000003)
SSL_connect:before/connect initializations
write to 0816EDF8 [081704A0] (148 bytes => 148 (0x94))
0000 - 80 92 01 03 01 00 69 00-00 00 20 00 00 39 00 00 ......i... ..9..
0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0 8..5............
0020 - 00 00 33 00 00 32 00 00-2f 00 00 07 05 00 80 03 ..3..2../.......
0030 - 00 80 00 00 66 00 00 05-00 00 04 01 00 80 08 00 ....f...........
0040 - 80 00 00 63 00 00 62 00-00 61 00 00 15 00 00 12 ...c..b..a......
0050 - 00 00 09 06 00 40 00 00-65 00 00 64 00 00 60 00 [EMAIL PROTECTED]..`.
0060 - 00 14 00 00 11 00 00 08-00 00 06 04 00 80 00 00 ................
0070 - 03 02 00 80 d6 89 f4 35-6c b0 92 02 27 23 b2 3d .......5l...'#.=
0080 - be cb 6f 8b 8c 53 00 5d-da 67 f5 bf 3d 1a 2d c6 ..o..S.].g..=.-.
0090 - e6 1e 18 9c ....
SSL_connect:SSLv2/v3 write client hello A
read from 0816EDF8 [08175A00] (7 bytes => 0 (0x0))
12531:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.
:226:
SSL_connect:before/connect initializations
write to 0816EDF8 [081704A0] (148 bytes => 148 (0x94))
0000 - 80 92 01 03 01 00 69 00-00 00 20 00 00 39 00 00 ......i... ..9..
0010 - 38 00 00 35 00 00 16 00-00 13 00 00 0a 07 00 c0 8..5............
0020 - 00 00 33 00 00 32 00 00-2f 00 00 07 05 00 80 03 ..3..2../.......
0030 - 00 80 00 00 66 00 00 05-00 00 04 01 00 80 08 00 ....f...........
0040 - 80 00 00 63 00 00 62 00-00 61 00 00 15 00 00 12 ...c..b..a......
0050 - 00 00 09 06 00 40 00 00-65 00 00 64 00 00 60 00 [EMAIL PROTECTED]..`.
0060 - 00 14 00 00 11 00 00 08-00 00 06 04 00 80 00 00 ................
0070 - 03 02 00 80 d6 89 f4 35-6c b0 92 02 27 23 b2 3d .......5l...'#.=
0080 - be cb 6f 8b 8c 53 00 5d-da 67 f5 bf 3d 1a 2d c6 ..o..S.].g..=.-.
0090 - e6 1e 18 9c ....
SSL_connect:SSLv2/v3 write client hello A
read from 0816EDF8 [08175A00] (7 bytes => 0 (0x0))
12531:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.
:226:
i'm running slapd in 255th debug mode which is
listening on 389 port. The Server TLS trace is as
follows
daemon: activity on 1 descriptors
daemon: new connection on 9
daemon: added 9r
daemon: activity on:
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: activity on 1 descriptors
daemon: activity on: 9r
daemon: read activity on 9
connection_get(9)
connection_get(9): got connid=1
connection_read(9): checking for input on id=1
ber_get_next
ldap_read: want=8, got=8
0000: 80 92 01 03 01 00 69 00 ......i.
ber_get_next on fd 9 failed errno=34 (Numerical result out of range)
connection_read(9): input error=-2 id=1, closing.
connection_closing: readying conn=1 sd=9 for close
connection_close: conn=1 sd=9
daemon: removing 9
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: activity on 1 descriptors
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: new connection on 9
daemon: added 9r
daemon: activity on:
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: activity on 1 descriptors
daemon: activity on: 9r
daemon: read activity on 9
connection_get(9)
connection_get(9): got connid=1
connection_read(9): checking for input on id=1
ber_get_next
ldap_read: want=8, got=8
0000: 80 92 01 03 01 00 69 00 ......i.
ber_get_next on fd 9 failed errno=34 (Numerical result out of range)
connection_read(9): input error=-2 id=1, closing.
connection_closing: readying conn=1 sd=9 for close
connection_close: conn=1 sd=9
daemon: removing 9
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: activity on 1 descriptors
daemon: select: listen=6 active_threads=0 tvp=NULL
can any one please help me
proceed?
anticipating early help
regards & thanks
Tameem
Ahmed Khan (Project Engineer)
====================================
Wipro Technologies
26, Hosur Main Road, Bommanahalli,
Bangalore 560068, Karnataka, India.
Tel : 91-80-25732296 Extn: 5222
====================================
Wipro Technologies
26, Hosur Main Road, Bommanahalli,
Bangalore 560068, Karnataka, India.
Tel : 91-80-25732296 Extn: 5222
Fax :
91-80-25732696
Mob : 0-9886764101
mail: [EMAIL PROTECTED]
Web : http://www.wipro.com
====================================
Mob : 0-9886764101
mail: [EMAIL PROTECTED]
Web : http://www.wipro.com
====================================
"Sweat more in
peace to bleed less in war"
Confidentiality Notice The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain confidential or privileged information. If you are not the intended recipient, please notify the sender at Wipro or [EMAIL PROTECTED] immediately and destroy all copies of this message and any attachments. |