TLS on W2K
Dear All,
Why do I get the following error (0x52)?
(Platform: Client = W2K, Server = Linux)
START_TLS [Local error][0x52]...
ldap_start_tls: Success
=> Debug output from Server:
connection_get(10): got connid=0
connection_read(10): checking for input on id=0
ber_get_next
ber_get_next: tag 0x30 len 29 contents:
do_extended
ber_scanf fmt ({a) ber:
ber_get_next
ber_get_next on fd 10 failed errno=11 (Resource temporarily unavailable)
send_ldap_extended 0: (0)
send_ldap_response: msgid=1 tag=120 err=0
ber_flush: 14 bytes to sd 10
connection_get(10): got connid=0
connection_read(10): checking for input on id=0
TLS trace: SSL_accept:before/accept initialization
TLS trace: SSL_accept:SSLv3 read client hello A
TLS trace: SSL_accept:SSLv3 write server hello A
TLS trace: SSL_accept:SSLv3 write certificate A
TLS trace: SSL_accept:SSLv3 write server done A
TLS trace: SSL_accept:SSLv3 flush data
TLS trace: SSL_accept:error in SSLv3 read client certificate A
TLS trace: SSL_accept:error in SSLv3 read client certificate A
connection_get(10): got connid=0
connection_read(10): checking for input on id=0
TLS trace: SSL_accept:SSLv3 read client key exchange A
TLS trace: SSL_accept:SSLv3 read finished A
TLS trace: SSL_accept:SSLv3 write change cipher spec A
TLS trace: SSL_accept:SSLv3 write finished A
TLS trace: SSL_accept:SSLv3 flush data
connection_get(10): got connid=0
connection_read(10): checking for input on id=0
ber_get_next
ber_get_next on fd 10 failed errno=104 (Connection reset by peer)
connection_read(10): input error=-2 id=0, closing.
connection_closing: readying conn=0 sd=10 for close
connection_close: conn=0 sd=10
=> Server slapd.conf
#Enable TLS/SSL
TLSCertificateFile /home/gvm/CA/users/ldapcert.pem
TLSCertificateKeyFile /home/gvm/CA/users/ldap.pem
TLSCACertificateFile /home/gvm/CA/cacert.pem
=> Client code
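#include <stdio.h>
#include <ldap.h>
/* ldap_pvt_tls_set_option() is internal to OpenLDAP; its prototype is in
   ldap_pvt.h in the OpenLDAP source tree, not in the public <ldap.h>. */

int main(void)
{
    LDAP *ld;
    int rc;
    /* Declaration not shown in the original post; assumed here because
       StartTLS requires LDAPv3. */
    int version = LDAP_VERSION3;

    printf("INIT...\n");
    ld = ldap_init("192.168.0.49", 389);
    if (ld == NULL)
    {
        printf("Init Error...\n");
        return 1;
    }

    /* Select the LDAP protocol version for this handle. */
    if (ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version) != LDAP_OPT_SUCCESS)
    {
        fprintf(stderr, "Could not set LDAP_OPT_PROTOCOL_VERSION %d\n", version);
        return 1;
    }

    /* Global (NULL handle) TLS option: file used to seed the random generator. */
    rc = ldap_pvt_tls_set_option(NULL, LDAP_OPT_X_TLS_RANDOM_FILE, "FILE.RND");
    if (rc != LDAP_SUCCESS)
    {
        fprintf(stderr, "Error Setting option [%d]...\n", rc);
    }

    /* StartTLS extended operation; this is the call that reports 0x52. */
    if ((rc = ldap_start_tls_s(ld, NULL, NULL)) != LDAP_SUCCESS)
    {
        fprintf(stderr, "START_TLS [%s][0x%02X]...\n", ldap_err2string(rc), rc);
        ldap_perror(ld, "ldap_start_tls");
    }
    return 0;
}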