[Date Prev][Date Next] [Chronological] [Thread] [Top]

SSL/TLS failure of 2.0.11 on RH7.1




I just compiler 2.0.11 on a (mostly) RH7.1 box (mostly because most of the RPMs have been upgraded from 7.0, but I'm still running an old kernel). The SSL/TLS functionality appears to be broken; can someone suggest what I'm doing wrong?


# ldapsearch -x "<filter>"

works fine, but	

# ldapsearch -x -ZZ "<filter>"
ldap_start_tls: Success

and

# ldapsearch -x -H ldaps://<IP> "<filter>"
ldap_bind: Can't contact LDAP server

The precompiled 2.0.7 binaries supplied by RH can do TLS/SSL connections just fine, so it's not my server config.

I have tried compiling --without-threads, --without-cyrus-sasl, and --with-ldbm-api=gdbm; none of these help. I'm using openssl 0.9.6 and glibc 2.2.2. Finally, from my latest attempt

# ldd ldapsearch
        libsasl.so.7 => /usr/lib/libsasl.so.7 (0x40021000)
	libssl.so.1 => /usr/lib/libssl.so.1 (0x4002c000)
	libcrypto.so.1 => /usr/lib/libcrypto.so.1 (0x40059000)
	libcrypt.so.1 => /lib/libcrypt.so.1 (0x40115000)
	libresolv.so.2 => /lib/libresolv.so.2 (0x40143000)
	libdl.so.2 => /lib/libdl.so.2 (0x40156000)
	libc.so.6 => /lib/libc.so.6 (0x4015a000)
	libgdbm.so.2 => /usr/lib/libgdbm.so.2 (0x4028c000)
	libpam.so.0 => /lib/libpam.so.0 (0x40293000)
	/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)

might help. Any hints?