[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Openldap/TLS and Outlook Express



Probably Outlook express version 5?

It's known not to work with ssl/tls.
The problem is in this case outlook, not the ldap server.

greetz, Dolf

> -----Original Message-----
> From: Janssen, Leander [mailto:Leander.Janssen@kpnqwest.com]
> Sent: woensdag 14 maart 2001 16:40
> To: 'openldap-software@openldap.org'
> Subject: Openldap/TLS and Outlook Express
> 
> 
> hello,
> 
> I'm implementing a LDAP directory server but having problems with the
> Outlook Express ldap client.
> Connecting to the LDAP server without using SSL/TLS is 
> working fine, but as
> soon as I try to use SSL/TLS it is not working anymore. See 
> also debug log.
> 
> The netscape ldap client works fine and also the local ldap 
> tools (like
> ldapsearch) both with and without SSL/TLS.
> 
> I've also included the TLS part of the slapd.conf.
> 
> Any ideas on what might be wrong?
> 
> Leander Janssen
> 
> 
> Debug log:
> 
> [root@sentire openldap]# slapd -h "ldap:/// ldaps:///" -d 1
> @(#) $OpenLDAP: slapd 2.0.7-Release (Tue Mar 13 22:38:17 CET 2001) $
>         root@sentire.slaco.net:/var/tmp/openldap-2.0.7/servers/slapd
> daemon_init: listen on ldap:///
> daemon_init: listen on ldaps:///
> daemon_init: 2 listeners to open...
> ldap_url_parse(ldap:///)
> daemon: socket() failed errno=97 (Address family not 
> supported by protocol)
> daemon: initialized ldap:///
> ldap_url_parse(ldaps:///)
> daemon: socket() failed errno=97 (Address family not 
> supported by protocol)
> daemon: initialized ldaps:///
> daemon_init: 2 listeners opened
> slapd init: initiated server.
> slap_sasl_init: initialized!
> slapd startup: initiated.
> slapd starting
> ldap_pvt_gethostbyname_a: host=sentire.slaco.net, r=0
> connection_get(10): got connid=0
> connection_read(10): checking for input on id=0
> TLS trace: SSL_accept:before/accept initialization
> TLS trace: SSL_accept:SSLv3 read client hello A
> TLS trace: SSL_accept:SSLv3 write server hello A
> TLS trace: SSL_accept:SSLv3 write certificate A
> TLS trace: SSL_accept:SSLv3 write server done A
> TLS trace: SSL_accept:SSLv3 flush data
> TLS trace: SSL_accept:error in SSLv3 read client certificate A
> TLS trace: SSL_accept:error in SSLv3 read client certificate A
> 
> 
> TLS part of slapd.conf:
> 
> TLSCertificateFile      /etc/ssl/certs/ldap.crt
> TLSCertificateKeyFile   /etc/ssl/private/ldap.key
> TLSCACertificateFile    /etc/ssl/certs/ca.crt
> TLSVerifyClient 0
> TLSCipherSuite DES-CBC3-SHA
>