On Fri, 2010-04-30 at 13:11 -0400, Daniel Lenski wrote: > If I try ldaps://directory.umd.edu, I get an error about being unable to > contact the server.
Indeed, the SSL interface seems to be broken. The server closes the connection without sending any data: $ openssl s_client -debug -connect directory.umd.edu:ldaps CONNECTED(00000003) write to 0x1d7f9f0 [0x1d8dc20] (116 bytes => 116 (0x74)) 0000 - 16 03 01 00 6f 01 00 00-6b 03 01 4b db 19 29 45 ....o...k..K..)E 0010 - b9 08 ac 3c 90 47 09 a5-01 20 4a a1 49 c0 70 84 ...<.G... J.I.p. 0020 - da 46 5e a4 3e 2c 09 bf-cc b3 7d 00 00 38 00 39 .F^.>,....}..8.9 0030 - 00 38 00 88 00 87 00 35-00 84 00 16 00 13 00 0a .8.....5........ 0040 - 00 33 00 32 00 9a 00 99-00 45 00 44 00 2f 00 96 .3.2.....E.D./.. 0050 - 00 41 00 05 00 04 00 15-00 12 00 09 00 14 00 11 .A.............. 0060 - 00 08 00 06 00 03 02 01-00 00 09 ff 01 00 01 00 ................ 0070 - 00 23 .# 0074 - <SPACES/NULS> read from 0x1d7f9f0 [0x1d93180] (7 bytes => 0 (0x0)) 139690365220680:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:184: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 0 bytes and written 116 bytes --- New, (NONE), Cipher is (NONE) Compression: NONE Expansion: NONE --- -- Matt
