SSL/TLS problem (unknown protocol)
I'm testing LDAP authentication and the client is getting the error:
nss_ldap: could not get LDAP result - Can't contact LDAP server
On the client, this is my ldap.conf config:
host shaka.gurulabs.com
base dc=gurulabs,dc=com
port 636
ssl start_tls
On the server I see:
connection_get(10): got connid=6
connection_read(10): checking for input on id=6
TLS trace: SSL_accept:before/accept initialization
TLS trace: SSL_accept:error in SSLv2/v3 read client hello A
TLS: can't accept.
TLS: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
/usr/1-5-release/src/lib/libssl/../../crypto/dist/openssl/ssl/s23_srvr.c:557
connection_read(10): TLS accept error error=-1 id=6, closing
connection_closing: readying conn=6 sd=10 for close
connection_close: conn=6 sd=10
When I test with openssl using this command on the client:
openssl s_client -connect shaka.gurulabs.com:636
I get this on the server:
connection_get(10): got connid=3
connection_read(10): checking for input on id=3
TLS trace: SSL_accept:before/accept initialization
TLS trace: SSL_accept:SSLv3 read client hello A
TLS trace: SSL_accept:SSLv3 write server hello A
TLS trace: SSL_accept:SSLv3 write certificate A
TLS trace: SSL_accept:SSLv3 write server done A
TLS trace: SSL_accept:SSLv3 flush data
TLS trace: SSL_accept:error in SSLv3 read client certificate A
TLS trace: SSL_accept:error in SSLv3 read client certificate A
connection_get(10): got connid=3
connection_read(10): checking for input on id=3
TLS trace: SSL_accept:SSLv3 read client key exchange A
TLS trace: SSL_accept:SSLv3 read finished A
TLS trace: SSL_accept:SSLv3 write change cipher spec A
TLS trace: SSL_accept:SSLv3 write finished A
TLS trace: SSL_accept:SSLv3 flush data
On the client I see the certificate and all the SSL info. The CN is
resolvable via DNS.
Any hints here?
BTW, the server I'm running is OpenLDAP 2.0.11 on a Cobalt Qube 2 (mips)
running NetBSD 1.5.1. The client is x86 Red Hat 7.1.
Dax
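
The two server traces differ in the first bytes the listener on port 636 receives. The sketch below is an added example, not part of the original post: it classifies those opening bytes for the `ssl` mode in the quoted ldap.conf. It assumes that `ssl start_tls` makes the client send a plaintext LDAPv3 StartTLS request before any TLS, and that `ssl on` starts TLS from the first byte; the function names and sample bytes are constructed for illustration.

```python
# Added example (not from the original post): what a TLS-wrapped LDAP listener
# sees first, depending on the "ssl" mode in the client's ldap.conf.
STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"   # LDAPv3 StartTLS extended operation
# Constructed sample: start of a TLS record carrying a ClientHello.
TLS_HELLO_PREFIX = bytes.fromhex("160301002f0100002b0301")
# The client configuration quoted in the post.
POSTED_CONF = "host shaka.gurulabs.com\nbase dc=gurulabs,dc=com\nport 636\nssl start_tls\n"

def ldap_starttls_request(message_id=1):
    """BER-encode the plaintext StartTLS ExtendedRequest a StartTLS client sends first."""
    request_name = bytes([0x80, len(STARTTLS_OID)]) + STARTTLS_OID  # [0] requestName
    ext_req = bytes([0x77, len(request_name)]) + request_name       # [APPLICATION 23]
    body = bytes([0x02, 0x01, message_id]) + ext_req                # INTEGER messageID
    return bytes([0x30, len(body)]) + body                          # SEQUENCE LDAPMessage

def classify_first_bytes(data):
    """Name the protocol that the opening bytes of a connection belong to."""
    if len(data) >= 3 and data[0] == 0x16 and data[1] == 0x03:
        return "tls-handshake"              # SSLv3/TLS record, type 22 (handshake)
    if len(data) >= 3 and data[0] & 0x80 and data[2] == 0x01:
        return "sslv2-client-hello"         # 2-byte SSLv2 header, msg type 1
    if data[:1] == b"\x30":                 # BER SEQUENCE: an LDAPMessage in the clear
        return "plaintext-ldap-starttls" if STARTTLS_OID in data else "plaintext-ldap"
    return "unknown"

def parse_ldap_conf(text):
    """Return {keyword: value} for an nss_ldap-style ldap.conf."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            key, _, value = line.partition(" ")
            settings[key.lower()] = value.strip()
    return settings

def opening_bytes(settings):
    """Bytes the client puts on the wire first for a given "ssl" mode (assumed semantics)."""
    if settings.get("ssl") == "start_tls":
        return ldap_starttls_request()      # plaintext LDAP, TLS only afterwards
    if settings.get("ssl") == "on":
        return TLS_HELLO_PREFIX             # TLS from the first byte (ldaps)
    return b"\x30"                          # plain LDAP, no TLS at all

if __name__ == "__main__":
    conf = parse_ldap_conf(POSTED_CONF)
    print("port", conf["port"], "first bytes:", classify_first_bytes(opening_bytes(conf)))
```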