[Date Prev][Date Next] [Chronological] [Thread] [Top]

TLS read client certificate error

To: openldap-software@OpenLDAP.org
Subject: TLS read client certificate error
From: Todd Woods <twoods@divms.uiowa.edu>
Date: Thu, 30 Aug 2001 11:06:44 -0500 (CDT)

Having problems getting TLS to work correctly. 
This is on an HPUX 11.0 system, openssl 0.9.6, openldap 2.0.11

Server side gives errors like

TLS trace: SSL_accept:error in SSLv3 read client certificate A
TLS trace: SSL_accept:error in SSLv3 read client certificate A
TLS: can't accept.
connection_read(9): TLS accept error error=-1 id=0, closing

Client side, when using something like 

%ldapsearch -ZZ -x -W -debug 

just gives

ldap_start_tls: Success

then returns to prompt, doesn't even ask for password. 

>From previous posts looks like could be a certificate issue but gone over
that multiple times.  Used CA.pl with -newca, -newreq, -sign with changes
to include -nodes. Used server name for CN when running -newreq and ran
"CA.pl -verify" on the resulting certificate to verify it. 
This server has multiple interfaces.  Slapd is configured to start on all
interfaces. 

Any help would be appreciated,

	Thanks,
		Todd Woods

Prev by Date: Authentication progress
Next by Date: Re: AW: multiple slapd instances on one server
Index(es):
- Chronological
- Thread