[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Openldap/TLS and Outlook Express
hello,
I'm implementing a LDAP directory server but having problems with the
Outlook Express ldap client.
Connecting to the LDAP server without using SSL/TLS is working fine, but as
soon as I try to use SSL/TLS it is not working anymore. See also debug log.
The netscape ldap client works fine and also the local ldap tools (like
ldapsearch) both with and without SSL/TLS.
I've also included the TLS part of the slapd.conf.
Any ideas on what might be wrong?
Leander Janssen
Debug log:
[root@sentire openldap]# slapd -h "ldap:/// ldaps:///" -d 1
@(#) $OpenLDAP: slapd 2.0.7-Release (Tue Mar 13 22:38:17 CET 2001) $
root@sentire.slaco.net:/var/tmp/openldap-2.0.7/servers/slapd
daemon_init: listen on ldap:///
daemon_init: listen on ldaps:///
daemon_init: 2 listeners to open...
ldap_url_parse(ldap:///)
daemon: socket() failed errno=97 (Address family not supported by protocol)
daemon: initialized ldap:///
ldap_url_parse(ldaps:///)
daemon: socket() failed errno=97 (Address family not supported by protocol)
daemon: initialized ldaps:///
daemon_init: 2 listeners opened
slapd init: initiated server.
slap_sasl_init: initialized!
slapd startup: initiated.
slapd starting
ldap_pvt_gethostbyname_a: host=sentire.slaco.net, r=0
connection_get(10): got connid=0
connection_read(10): checking for input on id=0
TLS trace: SSL_accept:before/accept initialization
TLS trace: SSL_accept:SSLv3 read client hello A
TLS trace: SSL_accept:SSLv3 write server hello A
TLS trace: SSL_accept:SSLv3 write certificate A
TLS trace: SSL_accept:SSLv3 write server done A
TLS trace: SSL_accept:SSLv3 flush data
TLS trace: SSL_accept:error in SSLv3 read client certificate A
TLS trace: SSL_accept:error in SSLv3 read client certificate A
TLS part of slapd.conf:
TLSCertificateFile /etc/ssl/certs/ldap.crt
TLSCertificateKeyFile /etc/ssl/private/ldap.key
TLSCACertificateFile /etc/ssl/certs/ca.crt
TLSVerifyClient 0
TLSCipherSuite DES-CBC3-SHA