[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS and slurpd



Gerald Carter wrote:
> 
> > I've read several postings late last year about problems
> > using slurpd with the tls=[yes|critical] option on replicas.
> > I keep getting a
> >
> >         TLS: could not allocate default ctx
> >
> > error in the slurpd log and the connection replication fails.
> > Is this supposed to be working in 2.0.7?  I'll keep looking
> > through the code, but I wanted to run this quick question
> > by everyone.
> 
> More information after adding some debug messages....
> 
>    TLS: could not allocate default ctx.
>    error:140A90A1:SSL routines:SSL_CTX_new:library has no ciphers
> 
> Now this is strange since the StartTLS command for
> the client tools works when querying slapd.

After much reading on the OpenSSL API, I decided to start
fresh with a clean OpenLDAP 2.0.7 install (including 
OpenSSL 0.9.6, Cyrus SASL 1.5.24, & Berkeley DB 3.1.17 
all compiled from source).  I started a fresh RedHat 6.2 
install in a VM Ware session and set it up as 
replica.  All works fine...including replication
using the StartTLS extended command.  Interesting....

I need to find out what is making my other install fail.
Just an update for those who are curious.






Cheers, jerry
----------------------------------------------------------------------
   /\  Gerald (Jerry) Carter                     Professional Services
 \/    http://www.valinux.com/  VA Linux Systems   gcarter@valinux.com
       http://www.samba.org/       SAMBA Team          jerry@samba.org
       http://www.plainjoe.org/                     jerry@plainjoe.org

       "...a hundred billion castaways looking for a home."
                                - Sting "Message in a Bottle" ( 1979 )