[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: problems with TLS in openldap server/client
You need to configure the location of the client certificate on the LDAP
client.
Add
TLS_CERT <certpath>
TLS_KEY <keypath>
to your ~/.ldaprc file.
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
http://www.symas.com http://highlandsun.com/hyc
Symas: Premier OpenSource Development and Support
> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Tarassov Vadim
> Sent: Friday, June 21, 2002 10:29 AM
> To: openssl-users@openssl.org
> Cc: openldap-software@OpenLDAP.org
> Subject: problems with TLS in openldap server/client
>
>
> Hallo everybody!
>
> As you know openldap uses openssl, and I started to get feeling
> that they use it somehow wrong. Problem I somehow can not manage
> to make TLS server to authenticate TLS client. Could you please
> look in debug output of client and server below, probably, you
> will be able to say what's going wrong there? Thanx, Vadim Tarassov.
>
>
> TLS trace: SSL_connect:before/connect initialization
> tls_write: want=130, written=130
> 0000: 80 80 01 03 01 00 57 00 00 00 20 00 00 16 00 00
> ......W... .....
> 0010: 13 00 00 0a 07 00 c0 00 00 66 00 00 07 00 00 05
> .........f......
> 0020: 00 00 04 05 00 80 03 00 80 01 00 80 08 00 80 00
> ................
> 0030: 00 65 00 00 64 00 00 63 00 00 62 00 00 61 00 00
> .e..d..c..b..a..
> 0040: 60 00 00 15 00 00 12 00 00 09 06 00 40 00 00 14
> `...........@...
> 0050: 00 00 11 00 00 08 00 00 06 00 00 03 04 00 80 02
> ................
> 0060: 00 80 06 aa 6a 6a c9 64 40 70 d9 c7 08 30 89 29
> ....jj.d@p...0.)
> 0070: 9a 10 de 0e d3 f5 2f 17 af 38 96 21 9a 07 3d ad
> ....../..8.!..=.
> 0080: cf f8 ..
>
> TLS trace: SSL_connect:SSLv2/v3 write client hello A
> tls_read: want=7, got=7
> 0000: 16 03 01 00 4a 02 00
> ....J..
> tls_read: want=72, got=72
> 0000: 00 46 03 01 3d 13 60 a9 a8 53 44 ab 95 3f 3b e3
> .F..=.`..SD..?;.
> 0010: 8b d1 60 fe 07 c6 12 bf c5 d5 d5 ef d5 7e 18 84
> ..`..........~..
> 0020: 35 41 ad 10 20 56 04 a1 dd d6 38 fa 2f 95 91 dd 5A..
> V....8./...
> 0030: 74 33 9c 36 08 cd 58 0e 46 8c 92 3b d6 2b fb 86
> t3.6..X.F..;.+..
> 0040: f2 ad 8e e2 be 00 0a 00
> ........
> TLS trace: SSL_connect:SSLv3 read server hello A
> tls_read: want=5, got=5
> 0000: 16 03 01 07 e6 .....
>
> tls_read: want=2022, got=2022
> 0000: 0b 00 07 e2 00 07 df 00 03 fc 30 82 03 f8 30 82
> ..........0...0.
> 0010: 03 61 a0 03 02 01 02 02 02 10 02 30 0d 06 09 2a
> .a.........0...*
> 0020: 86 48 86 f7 0d 01 01 04 05 00 30 81 aa 31 0b 30
> .H........0..1.0
> 0030: 09 06 03 55 04 06 13 02 43 48 31 12 30 10 06 03
> ...U....CH1.0...
> 0040: 55 04 08 13 09 53 6f 6d 65 77 68 65 72 65 31 13
> U....Somewhere1.
> 0050: 30 11 06 03 55 04 07 13 0a 57 69 6e 74 65 72 74
> 0...U....Wintert
> 0060: 68 75 72 31 1c 30 1a 06 03 55 04 0a 13 13 4f 6e
> hur1.0...U....On
> 0070: 6c 69 6e 65 20 56 69 6f 6c 65 6e 63 65 20 4c 74 line
> Violence Lt
> 0080: 64 31 1a 30 18 06 03 55 04 0b 13 11 53 65 78 75
> d1.0...U....Sexu
> 0090: 61 6c 20 48 61 72 61 73 6d 65 6e 74 73 31 0e 30 al
> Harasments1.0
> 00a0: 0c 06 03 55 04 03 13 05 52 61 74 74 65 31 28 30
> ...U....Ratte1(0
> 00b0: 26 06 09 2a 86 48 86 f7 0d 01 09 01 16 19 72 61
> &..*.H........ra
> 00c0: 74 74 65 40 6f 6e 6c 69 6e 65 2d 76 69 6f 6c 65
> tte@online-viole
> 00d0: 6e 63 65 2e 63 6f 6d 30 1e 17 0d 30 32 30 36 31
> nce.com0...02061
> 00e0: 38 31 37 30 34 30 37 5a 17 0d 30 33 30 36 31 38
> 8170407Z..030618
> 00f0: 31 37 30 34 30 37 5a 30 81 9d 31 0b 30 09 06 03
> 170407Z0..1.0...
> 0100: 55 04 06 13 02 43 48 31 12 30 10 06 03 55 04 08
> U....CH1.0...U..
> 0110: 13 09 53 6f 6d 65 77 68 65 72 65 31 1c 30 1a 06
> ..Somewhere1.0..
> 0120: 03 55 04 0a 13 13 4f 6e 6c 69 6e 65 20 56 69 6f
> .U....Online Vio
> 0130: 6c 65 6e 63 65 20 4c 74 64 31 1a 30 18 06 03 55 lence
> Ltd1.0...U
> 0140: 04 0b 13 11 53 65 78 75 61 6c 20 48 61 72 61 73
> ....Sexual Haras
> 0150: 6d 65 6e 74 73 31 13 30 11 06 03 55 04 03 13 0a
> ments1.0...U....
> 0160: 65 63 70 6d 61 69 6e 74 30 35 31 2b 30 29 06 09
> ecpmaint051+0)..
> 0170: 2a 86 48 86 f7 0d 01 09 01 16 1c 76 61 64 69 6d
> *.H........vadim
> 0180: 2e 74 61 72 61 73 73 6f 76 40 77 69 6e 74 65 72
> .tarassov@winter
> 0190: 74 68 75 72 2e 63 68 30 81 9f 30 0d 06 09 2a 86
> thur.ch0..0...*.
> 01a0: 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89
> H............0..
> 01b0: 02 81 81 00 a4 d3 f9 b8 89 f6 ec b0 75 d9 eb 1c
> ............u...
> 01c0: 1c 11 42 b7 19 f0 18 5f c6 50 03 49 2f 72 59 4b
> ..B...._.P.I/rYK
> 01d0: 4c c3 b3 50 73 b8 0c b6 e1 60 98 e7 f1 48 8f b2
> L..Ps....`...H..
> 01e0: 27 64 0d 89 9b c1 e7 d6 e8 68 d3 78 fc a1 cc fc
> 'd.......h.x....
> 01f0: ef 7b fb de 4d d3 52 c5 bd d5 80 a0 43 e1 77 e0
> .{..M.R.....C.w.
> 0200: 88 84 a8 52 86 85 25 40 9a a1 09 6b 0b 48 e2 c7
> ...R..%@...k.H..
> 0210: b3 09 50 aa 05 74 cd d1 1f 17 62 52 45 88 72 8b
> ..P..t....bRE.r.
> 0220: ed 73 a3 8a d4 df a0 e5 e6 46 5e 3a c9 9d c5 55
> .s.......F^:...U
> 0230: 83 e2 2a 37 02 03 01 00 01 a3 82 01 36 30 82 01
> ..*7........60..
> 0240: 32 30 09 06 03 55 1d 13 04 02 30 00 30 2c 06 09
> 20...U....0.0,..
> 0250: 60 86 48 01 86 f8 42 01 0d 04 1f 16 1d 4f 70 65
> `.H...B......Ope
> 0260: 6e 53 53 4c 20 47 65 6e 65 72 61 74 65 64 20 43 nSSL
> Generated C
> 0270: 65 72 74 69 66 69 63 61 74 65 30 1d 06 03 55 1d
> ertificate0...U.
> 0280: 0e 04 16 04 14 e4 91 ed 29 9b 95 f3 d7 b9 21 9d
> ........).....!.
> 0290: 60 28 81 80 7a ac b7 01 c6 30 81 d7 06 03 55 1d
> `(..z....0....U.
> 02a0: 23 04 81 cf 30 81 cc 80 14 31 af 2d 7c 61 23 45
> #...0....1.-|a#E
> 02b0: 31 8b 16 3d a9 9c c1 0d a2 0a 18 5a a2 a1 81 b0
> 1..=.......Z....
> 02c0: a4 81 ad 30 81 aa 31 0b 30 09 06 03 55 04 06 13
> ...0..1.0...U...
> 02d0: 02 43 48 31 12 30 10 06 03 55 04 08 13 09 53 6f
> .CH1.0...U....So
> 02e0: 6d 65 77 68 65 72 65 31 13 30 11 06 03 55 04 07
> mewhere1.0...U..
> 02f0: 13 0a 57 69 6e 74 65 72 74 68 75 72 31 1c 30 1a
> ..Winterthur1.0.
> 0300: 06 03 55 04 0a 13 13 4f 6e 6c 69 6e 65 20 56 69
> ..U....Online Vi
> 0310: 6f 6c 65 6e 63 65 20 4c 74 64 31 1a 30 18 06 03 olence
> Ltd1.0...
> 0320: 55 04 0b 13 11 53 65 78 75 61 6c 20 48 61 72 61
> U....Sexual Hara
> 0330: 73 6d 65 6e 74 73 31 0e 30 0c 06 03 55 04 03 13
> sments1.0...U...
> 0340: 05 52 61 74 74 65 31 28 30 26 06 09 2a 86 48 86
> .Ratte1(0&..*.H.
> 0350: f7 0d 01 09 01 16 19 72 61 74 74 65 40 6f 6e 6c
> .......ratte@onl
> 0360: 69 6e 65 2d 76 69 6f 6c 65 6e 63 65 2e 63 6f 6d
> ine-violence.com
> 0370: 82 01 00 30 0d 06 09 2a 86 48 86 f7 0d 01 01 04
> ...0...*.H......
> 0380: 05 00 03 81 81 00 c4 51 05 2e b0 c2 b5 b2 f3 e1
> .......Q........
> 0390: d3 c2 32 99 fe d9 d6 cc 48 05 0a 13 f4 94 34 28
> ..2.....H.....4(
> 03a0: f6 99 db 9e 38 ec 70 62 b0 ae bc 0a 63 64 62 00
> ....8.pb....cdb.
> 03b0: ec 36 b6 52 bb 57 98 79 ff 50 ab 1d a6 c2 71 3f
> .6.R.W.y.P....q?
> 03c0: 84 86 45 4c 00 09 97 24 fc 3e 64 8c 4e 12 28 85
> ..EL...$.>d.N.(.
> 03d0: 31 cb 23 2b 18 bb bc 2d 70 c1 db 23 f8 2b 72 54
> 1.#+...-p..#.+rT
> 03e0: 73 1d e9 5d a9 6a 6b 1d ea d9 b3 db 73 c5 8c ba
> s..].jk.....s...
> 03f0: 69 2e 9f 16 61 22 26 37 4a 35 f5 1b da 31 73 bc
> i...a"&7J5...1s.
> 0400: 18 af a7 64 e8 02 00 03 dd 30 82 03 d9 30 82 03
> ...d.....0...0..
> 0410: 42 a0 03 02 01 02 02 01 00 30 0d 06 09 2a 86 48
> B........0...*.H
> 0420: 86 f7 0d 01 01 04 05 00 30 81 aa 31 0b 30 09 06
> ........0..1.0..
> 0430: 03 55 04 06 13 02 43 48 31 12 30 10 06 03 55 04
> .U....CH1.0...U.
> 0440: 08 13 09 53 6f 6d 65 77 68 65 72 65 31 13 30 11
> ...Somewhere1.0.
> 0450: 06 03 55 04 07 13 0a 57 69 6e 74 65 72 74 68 75
> ..U....Winterthu
> 0460: 72 31 1c 30 1a 06 03 55 04 0a 13 13 4f 6e 6c 69
> r1.0...U....Onli
> 0470: 6e 65 20 56 69 6f 6c 65 6e 63 65 20 4c 74 64 31 ne
> Violence Ltd1
> 0480: 1a 30 18 06 03 55 04 0b 13 11 53 65 78 75 61 6c
> .0...U....Sexual
> 0490: 20 48 61 72 61 73 6d 65 6e 74 73 31 0e 30 0c 06
> Harasments1.0..
> 04a0: 03 55 04 03 13 05 52 61 74 74 65 31 28 30 26 06
> .U....Ratte1(0&.
> 04b0: 09 2a 86 48 86 f7 0d 01 09 01 16 19 72 61 74 74
> .*.H........ratt
> 04c0: 65 40 6f 6e 6c 69 6e 65 2d 76 69 6f 6c 65 6e 63
> e@online-violenc
> 04d0: 65 2e 63 6f 6d 30 1e 17 0d 30 32 30 36 31 33 31
> e.com0...0206131
> 04e0: 34 34 33 35 32 5a 17 0d 30 33 30 36 31 33 31 34
> 44352Z..03061314
> 04f0: 34 33 35 32 5a 30 81 aa 31 0b 30 09 06 03 55 04
> 4352Z0..1.0...U.
> 0500: 06 13 02 43 48 31 12 30 10 06 03 55 04 08 13 09
> ...CH1.0...U....
> 0510: 53 6f 6d 65 77 68 65 72 65 31 13 30 11 06 03 55
> Somewhere1.0...U
> 0520: 04 07 13 0a 57 69 6e 74 65 72 74 68 75 72 31 1c
> ....Winterthur1.
> 0530: 30 1a 06 03 55 04 0a 13 13 4f 6e 6c 69 6e 65 20
> 0...U....Online
> 0540: 56 69 6f 6c 65 6e 63 65 20 4c 74 64 31 1a 30 18
> Violence Ltd1.0.
> 0550: 06 03 55 04 0b 13 11 53 65 78 75 61 6c 20 48 61
> ..U....Sexual Ha
> 0560: 72 61 73 6d 65 6e 74 73 31 0e 30 0c 06 03 55 04
> rasments1.0...U.
> 0570: 03 13 05 52 61 74 74 65 31 28 30 26 06 09 2a 86
> ...Ratte1(0&..*.
> 0580: 48 86 f7 0d 01 09 01 16 19 72 61 74 74 65 40 6f
> H........ratte@o
> 0590: 6e 6c 69 6e 65 2d 76 69 6f 6c 65 6e 63 65 2e 63
> nline-violence.c
> 05a0: 6f 6d 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01
> om0..0...*.H....
> 05b0: 01 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 ce
> ........0.......
> 05c0: c9 78 0a 45 de a3 4f 9a 9a ca e1 64 78 65 d6 82
> .x.E..O....dxe..
> 05d0: f7 73 a7 6a 4a 55 69 e6 8c 60 36 d8 e6 66 8e d3
> .s.jJUi..`6..f..
> 05e0: b7 0e 4f 93 ff 01 17 c3 fc bf d1 16 10 81 8a 45
> ..O............E
> 05f0: 04 26 8c 88 92 9f bc 0b 86 23 06 88 f6 c7 1b e6
> .&.......#......
> 0600: f9 9f b2 f0 5b f6 c1 fe 37 d5 ab d4 72 37 31 ff
> ....[...7...r71.
> 0610: 09 aa 46 23 29 7d 06 8d aa 34 28 7b 53 6d 25 cd
> ..F#)}...4({Sm%.
> 0620: cf 53 3e 0b db b2 27 70 e5 29 c2 fc a8 a1 53 1b
> .S>...'p.)....S.
> 0630: b1 43 83 e3 9e 58 8a 43 4a 93 df 21 b5 59 db 02
> .C...X.CJ..!.Y..
> 0640: 03 01 00 01 a3 82 01 0b 30 82 01 07 30 1d 06 03
> ........0...0...
> 0650: 55 1d 0e 04 16 04 14 31 af 2d 7c 61 23 45 31 8b
> U......1.-|a#E1.
> 0660: 16 3d a9 9c c1 0d a2 0a 18 5a a2 30 81 d7 06 03
> .=.......Z.0....
> 0670: 55 1d 23 04 81 cf 30 81 cc 80 14 31 af 2d 7c 61
> U.#...0....1.-|a
> 0680: 23 45 31 8b 16 3d a9 9c c1 0d a2 0a 18 5a a2 a1
> #E1..=.......Z..
> 0690: 81 b0 a4 81 ad 30 81 aa 31 0b 30 09 06 03 55 04
> .....0..1.0...U.
> 06a0: 06 13 02 43 48 31 12 30 10 06 03 55 04 08 13 09
> ...CH1.0...U....
> 06b0: 53 6f 6d 65 77 68 65 72 65 31 13 30 11 06 03 55
> Somewhere1.0...U
> 06c0: 04 07 13 0a 57 69 6e 74 65 72 74 68 75 72 31 1c
> ....Winterthur1.
> 06d0: 30 1a 06 03 55 04 0a 13 13 4f 6e 6c 69 6e 65 20
> 0...U....Online
> 06e0: 56 69 6f 6c 65 6e 63 65 20 4c 74 64 31 1a 30 18
> Violence Ltd1.0.
> 06f0: 06 03 55 04 0b 13 11 53 65 78 75 61 6c 20 48 61
> ..U....Sexual Ha
> 0700: 72 61 73 6d 65 6e 74 73 31 0e 30 0c 06 03 55 04
> rasments1.0...U.
> 0710: 03 13 05 52 61 74 74 65 31 28 30 26 06 09 2a 86
> ...Ratte1(0&..*.
> 0720: 48 86 f7 0d 01 09 01 16 19 72 61 74 74 65 40 6f
> H........ratte@o
> 0730: 6e 6c 69 6e 65 2d 76 69 6f 6c 65 6e 63 65 2e 63
> nline-violence.c
> 0740: 6f 6d 82 01 00 30 0c 06 03 55 1d 13 04 05 30 03
> om...0...U....0.
> 0750: 01 01 ff 30 0d 06 09 2a 86 48 86 f7 0d 01 01 04
> ...0...*.H......
> 0760: 05 00 03 81 81 00 a5 b2 04 87 94 e6 73 d3 fb a7
> ............s...
> 0770: f7 04 9d 12 ed 06 5c 57 e1 17 25 53 1c 30 79 3a
> ......\W..%S.0y:
> 0780: f4 d7 29 59 fc a2 7d 77 12 66 6d e9 71 c9 ad 92
> ..)Y..}w.fm.q...
> 0790: d6 d9 08 68 cd 22 a6 e4 66 56 e7 36 51 b4 fd c9
> ...h."..fV.6Q...
> 07a0: b6 a9 19 f4 2d e1 7d ff 0a 29 73 f2 c4 ca a9 45
> ....-.}..)s....E
> 07b0: fb 0e ba ea ac 60 92 99 4a 8d e7 5d ac 9c 6a a9
> .....`..J..]..j.
> 07c0: f9 c7 3c 86 08 2d 08 e7 ee 08 4d 52 c7 b8 df b3
> ..<..-....MR....
> 07d0: ea b1 48 9c 12 d7 13 52 2f fe 2d 96 c9 81 49 ff
> ..H....R/.-...I.
> 07e0: 5f 8d f9 91 ad 8b _.....
>
> TLS certificate verification: depth: 1, err: 0, subject:
> /C=CH/ST=Somewhere/L=Winterthur/O=Online Violence Ltd/OU=Sexual
> Harasments/CN=Ratte/Email=ratte@online-violence.com, issuer:
> /C=CH/ST=Somewhere/L=Winterthur/O=Online Violence Ltd/OU=Sexual
> Harasments/CN=Ratte/Email=ratte@online-violence.com
> TLS certificate verification: depth: 0, err: 0, subject:
> /C=CH/ST=Somewhere/O=Online Violence Ltd/OU=Sexual
> Harasments/CN=ecpmaint05/Email=vadim.tarassov@winterthur.ch,
> issuer: /C=CH/ST=Somewhere/L=Winterthur/O=Online Violence
> Ltd/OU=Sexual Harasments/CN=Ratte/Email=ratte@online-violence.com
> TLS trace: SSL_connect:SSLv3 read server certificate A
> tls_read: want=5, got=5
> 0000: 16 03 01 00 bc .....
>
> tls_read: want=188, got=188
> 0000: 0d 00 00 b4 02 01 02 00 af 00 ad 30 81 aa 31 0b
> ...........0..1.
> 0010: 30 09 06 03 55 04 06 13 02 43 48 31 12 30 10 06
> 0...U....CH1.0..
> 0020: 03 55 04 08 13 09 53 6f 6d 65 77 68 65 72 65 31
> .U....Somewhere1
> 0030: 13 30 11 06 03 55 04 07 13 0a 57 69 6e 74 65 72
> .0...U....Winter
> 0040: 74 68 75 72 31 1c 30 1a 06 03 55 04 0a 13 13 4f
> thur1.0...U....O
> 0050: 6e 6c 69 6e 65 20 56 69 6f 6c 65 6e 63 65 20 4c nline
> Violence L
> 0060: 74 64 31 1a 30 18 06 03 55 04 0b 13 11 53 65 78
> td1.0...U....Sex
> 0070: 75 61 6c 20 48 61 72 61 73 6d 65 6e 74 73 31 0e ual
> Harasments1.
> 0080: 30 0c 06 03 55 04 03 13 05 52 61 74 74 65 31 28
> 0...U....Ratte1(
> 0090: 30 26 06 09 2a 86 48 86 f7 0d 01 09 01 16 19 72
> 0&..*.H........r
> 00a0: 61 74 74 65 40 6f 6e 6c 69 6e 65 2d 76 69 6f 6c
> atte@online-viol
> 00b0: 65 6e 63 65 2e 63 6f 6d 0e 00 00 00
> ence.com....
> TLS trace: SSL_connect:SSLv3 read server certificate request A
> TLS trace: SSL_connect:SSLv3 read server done A
> TLS trace: SSL_connect:SSLv3 write client certificate A
> TLS trace: SSL_connect:SSLv3 write client key exchange A
> TLS trace: SSL_connect:SSLv3 write change cipher spec A
> TLS trace: SSL_connect:SSLv3 write finished A
> tls_write: want=202, written=202
> 0000: 16 03 01 00 07 0b 00 00 03 00 00 00 16 03 01 00
> ................
> 0010: 86 10 00 00 82 00 80 90 5e b9 27 59 7d 10 60 fb
> ........^.'Y}.`.
> 0020: 33 8f 05 8e f0 c6 70 8d 59 6d 24 6d 66 d8 65 37
> 3.....p.Ym$mf.e7
> 0030: 51 f7 59 f6 c2 e5 92 e0 4c a3 f0 34 10 b1 3c cc
> Q.Y.....L..4..<.
> 0040: d0 0a e5 5c 3b fc 74 2f 0b c7 de e5 41 bb b5 d8
> ...\;.t/....A...
> 0050: aa 66 38 d9 a2 57 24 14 a0 ec 53 32 c1 2e 75 0c
> .f8..W$...S2..u.
> 0060: 8e b0 ad a1 1f 83 bd 45 82 c8 5a 37 f6 33 95 92
> .......E..Z7.3..
> 0070: 0b d1 32 d6 fc 11 d0 9a 4f 3f 25 55 d6 57 dc c3
> ..2.....O?%U.W..
> 0080: 12 5c 6b 1a b9 08 2a b2 ee cc a2 95 cd 45 ce 7b
> .\k...*......E.{
> 0090: 99 c9 ca 48 86 11 64 14 03 01 00 01 01 16 03 01
> ...H..d.........
> 00a0: 00 28 c3 67 90 d3 07 b1 8b 47 25 b9 f0 49 7c 65
> .(.g.....G%..I|e
> 00b0: 45 47 a7 c5 77 eb b8 d9 30 70 48 68 c7 cf 44 95
> EG..w...0pHh..D.
> 00c0: 2e 49 2c 32 fb be fa e4 f8 9f
> .I,2......
> TLS trace: SSL_connect:SSLv3 flush data
> tls_read: want=5, got=5
> 0000: 15 03 01 00 02 .....
>
> tls_read: want=2, got=2
> 0000: 02 28 .(
>
> TLS trace: SSL3 alert read:fatal:handshake failure
> TLS trace: SSL_connect:failed in SSLv3 read finished A
> TLS: can't connect.
>
> ###################################################################
> ##############3
>
>
> TLS trace: SSL_accept:before/accept initialization
> tls_read: want=11, got=11
> 0000: 80 80 01 03 01 00 57 00 00 00 20
> ......W...
> tls_read: want=119, got=119
> 0000: 00 00 16 00 00 13 00 00 0a 07 00 c0 00 00 66 00
> ..............f.
> 0010: 00 07 00 00 05 00 00 04 05 00 80 03 00 80 01 00
> ................
> 0020: 80 08 00 80 00 00 65 00 00 64 00 00 63 00 00 62
> ......e..d..c..b
> 0030: 00 00 61 00 00 60 00 00 15 00 00 12 00 00 09 06
> ..a..`..........
> 0040: 00 40 00 00 14 00 00 11 00 00 08 00 00 06 00 00
> .@..............
> 0050: 03 04 00 80 02 00 80 24 de c0 8d 21 24 04 14 6e
> .......$...!$..n
> 0060: 61 30 32 be a6 78 d9 5a aa a5 b9 43 d5 e0 d9 41
> a02..x.Z...C...A
> 0070: 12 10 12 c7 e5 ce 0d
> .......
> TLS trace: SSL_accept:SSLv3 read client hello A
> TLS trace: SSL_accept:SSLv3 write server hello A
> TLS trace: SSL_accept:SSLv3 write certificate A
> TLS trace: SSL_accept:SSLv3 write certificate request A
> tls_write: want=2299, written=2299
> 0000: 16 03 01 00 4a 02 00 00 46 03 01 3d 13 60 e9 c7
> ....J...F..=.`..
> 0010: 52 57 34 ec 95 61 e9 81 15 7f 58 07 8c e1 b4 a5
> RW4..a....X.....
> 0020: ca d1 98 32 ad d1 b9 7b 9c 7e dd 20 6f c4 30 05
> ...2...{.~. o.0.
> 0030: 7d c8 0b 4d c7 68 0d f6 f9 f6 92 a6 d9 ae 4b cb
> }..M.h........K.
> 0040: ea 9d 8b b2 a4 31 a6 a0 98 56 f3 fe 00 0a 00 16
> .....1...V......
> 0050: 03 01 07 e6 0b 00 07 e2 00 07 df 00 03 fc 30 82
> ..............0.
> 0060: 03 f8 30 82 03 61 a0 03 02 01 02 02 02 10 02 30
> ..0..a.........0
> 0070: 0d 06 09 2a 86 48 86 f7 0d 01 01 04 05 00 30 81
> ...*.H........0.
> 0080: aa 31 0b 30 09 06 03 55 04 06 13 02 43 48 31 12
> .1.0...U....CH1.
> 0090: 30 10 06 03 55 04 08 13 09 53 6f 6d 65 77 68 65
> 0...U....Somewhe
> 00a0: 72 65 31 13 30 11 06 03 55 04 07 13 0a 57 69 6e
> re1.0...U....Win
> 00b0: 74 65 72 74 68 75 72 31 1c 30 1a 06 03 55 04 0a
> terthur1.0...U..
> 00c0: 13 13 4f 6e 6c 69 6e 65 20 56 69 6f 6c 65 6e 63
> ..Online Violenc
> 00d0: 65 20 4c 74 64 31 1a 30 18 06 03 55 04 0b 13 11 e
> Ltd1.0...U....
> 00e0: 53 65 78 75 61 6c 20 48 61 72 61 73 6d 65 6e 74 Sexual
> Harasment
> 00f0: 73 31 0e 30 0c 06 03 55 04 03 13 05 52 61 74 74
> s1.0...U....Ratt
> 0100: 65 31 28 30 26 06 09 2a 86 48 86 f7 0d 01 09 01
> e1(0&..*.H......
> 0110: 16 19 72 61 74 74 65 40 6f 6e 6c 69 6e 65 2d 76
> ..ratte@online-v
> 0120: 69 6f 6c 65 6e 63 65 2e 63 6f 6d 30 1e 17 0d 30
> iolence.com0...0
> 0130: 32 30 36 31 38 31 37 30 34 30 37 5a 17 0d 30 33
> 20618170407Z..03
> 0140: 30 36 31 38 31 37 30 34 30 37 5a 30 81 9d 31 0b
> 0618170407Z0..1.
> 0150: 30 09 06 03 55 04 06 13 02 43 48 31 12 30 10 06
> 0...U....CH1.0..
> 0160: 03 55 04 08 13 09 53 6f 6d 65 77 68 65 72 65 31
> .U....Somewhere1
> 0170: 1c 30 1a 06 03 55 04 0a 13 13 4f 6e 6c 69 6e 65
> .0...U....Online
> 0180: 20 56 69 6f 6c 65 6e 63 65 20 4c 74 64 31 1a 30
> Violence Ltd1.0
> 0190: 18 06 03 55 04 0b 13 11 53 65 78 75 61 6c 20 48
> ...U....Sexual H
> 01a0: 61 72 61 73 6d 65 6e 74 73 31 13 30 11 06 03 55
> arasments1.0...U
> 01b0: 04 03 13 0a 65 63 70 6d 61 69 6e 74 30 35 31 2b
> ....ecpmaint051+
> 01c0: 30 29 06 09 2a 86 48 86 f7 0d 01 09 01 16 1c 76
> 0)..*.H........v
> 01d0: 61 64 69 6d 2e 74 61 72 61 73 73 6f 76 40 77 69
> adim.tarassov@wi
> 01e0: 6e 74 65 72 74 68 75 72 2e 63 68 30 81 9f 30 0d
> nterthur.ch0..0.
> 01f0: 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d
> ..*.H...........
> 0200: 00 30 81 89 02 81 81 00 a4 d3 f9 b8 89 f6 ec b0
> .0..............
> 0210: 75 d9 eb 1c 1c 11 42 b7 19 f0 18 5f c6 50 03 49
> u.....B...._.P.I
> 0220: 2f 72 59 4b 4c c3 b3 50 73 b8 0c b6 e1 60 98 e7
> /rYKL..Ps....`..
> 0230: f1 48 8f b2 27 64 0d 89 9b c1 e7 d6 e8 68 d3 78
> .H..'d.......h.x
> 0240: fc a1 cc fc ef 7b fb de 4d d3 52 c5 bd d5 80 a0
> .....{..M.R.....
> 0250: 43 e1 77 e0 88 84 a8 52 86 85 25 40 9a a1 09 6b
> C.w....R..%@...k
> 0260: 0b 48 e2 c7 b3 09 50 aa 05 74 cd d1 1f 17 62 52
> .H....P..t....bR
> 0270: 45 88 72 8b ed 73 a3 8a d4 df a0 e5 e6 46 5e 3a
> E.r..s.......F^:
> 0280: c9 9d c5 55 83 e2 2a 37 02 03 01 00 01 a3 82 01
> ...U..*7........
> 0290: 36 30 82 01 32 30 09 06 03 55 1d 13 04 02 30 00
> 60..20...U....0.
> 02a0: 30 2c 06 09 60 86 48 01 86 f8 42 01 0d 04 1f 16
> 0,..`.H...B.....
> 02b0: 1d 4f 70 65 6e 53 53 4c 20 47 65 6e 65 72 61 74
> .OpenSSL Generat
> 02c0: 65 64 20 43 65 72 74 69 66 69 63 61 74 65 30 1d ed
> Certificate0.
> 02d0: 06 03 55 1d 0e 04 16 04 14 e4 91 ed 29 9b 95 f3
> ..U.........)...
> 02e0: d7 b9 21 9d 60 28 81 80 7a ac b7 01 c6 30 81 d7
> ..!.`(..z....0..
> 02f0: 06 03 55 1d 23 04 81 cf 30 81 cc 80 14 31 af 2d
> ..U.#...0....1.-
> 0300: 7c 61 23 45 31 8b 16 3d a9 9c c1 0d a2 0a 18 5a
> |a#E1..=.......Z
> 0310: a2 a1 81 b0 a4 81 ad 30 81 aa 31 0b 30 09 06 03
> .......0..1.0...
> 0320: 55 04 06 13 02 43 48 31 12 30 10 06 03 55 04 08
> U....CH1.0...U..
> 0330: 13 09 53 6f 6d 65 77 68 65 72 65 31 13 30 11 06
> ..Somewhere1.0..
> 0340: 03 55 04 07 13 0a 57 69 6e 74 65 72 74 68 75 72
> .U....Winterthur
> 0350: 31 1c 30 1a 06 03 55 04 0a 13 13 4f 6e 6c 69 6e
> 1.0...U....Onlin
> 0360: 65 20 56 69 6f 6c 65 6e 63 65 20 4c 74 64 31 1a e
> Violence Ltd1.
> 0370: 30 18 06 03 55 04 0b 13 11 53 65 78 75 61 6c 20
> 0...U....Sexual
> 0380: 48 61 72 61 73 6d 65 6e 74 73 31 0e 30 0c 06 03
> Harasments1.0...
> 0390: 55 04 03 13 05 52 61 74 74 65 31 28 30 26 06 09
> U....Ratte1(0&..
> 03a0: 2a 86 48 86 f7 0d 01 09 01 16 19 72 61 74 74 65
> *.H........ratte
> 03b0: 40 6f 6e 6c 69 6e 65 2d 76 69 6f 6c 65 6e 63 65
> @online-violence
> 03c0: 2e 63 6f 6d 82 01 00 30 0d 06 09 2a 86 48 86 f7
> .com...0...*.H..
> 03d0: 0d 01 01 04 05 00 03 81 81 00 c4 51 05 2e b0 c2
> ...........Q....
> 03e0: b5 b2 f3 e1 d3 c2 32 99 fe d9 d6 cc 48 05 0a 13
> ......2.....H...
> 03f0: f4 94 34 28 f6 99 db 9e 38 ec 70 62 b0 ae bc 0a
> ..4(....8.pb....
> 0400: 63 64 62 00 ec 36 b6 52 bb 57 98 79 ff 50 ab 1d
> cdb..6.R.W.y.P..
> 0410: a6 c2 71 3f 84 86 45 4c 00 09 97 24 fc 3e 64 8c
> ..q?..EL...$.>d.
> 0420: 4e 12 28 85 31 cb 23 2b 18 bb bc 2d 70 c1 db 23
> N.(.1.#+...-p..#
> 0430: f8 2b 72 54 73 1d e9 5d a9 6a 6b 1d ea d9 b3 db
> .+rTs..].jk.....
> 0440: 73 c5 8c ba 69 2e 9f 16 61 22 26 37 4a 35 f5 1b
> s...i...a"&7J5..
> 0450: da 31 73 bc 18 af a7 64 e8 02 00 03 dd 30 82 03
> .1s....d.....0..
> 0460: d9 30 82 03 42 a0 03 02 01 02 02 01 00 30 0d 06
> .0..B........0..
> 0470: 09 2a 86 48 86 f7 0d 01 01 04 05 00 30 81 aa 31
> .*.H........0..1
> 0480: 0b 30 09 06 03 55 04 06 13 02 43 48 31 12 30 10
> .0...U....CH1.0.
> 0490: 06 03 55 04 08 13 09 53 6f 6d 65 77 68 65 72 65
> ..U....Somewhere
> 04a0: 31 13 30 11 06 03 55 04 07 13 0a 57 69 6e 74 65
> 1.0...U....Winte
> 04b0: 72 74 68 75 72 31 1c 30 1a 06 03 55 04 0a 13 13
> rthur1.0...U....
> 04c0: 4f 6e 6c 69 6e 65 20 56 69 6f 6c 65 6e 63 65 20 Online
> Violence
> 04d0: 4c 74 64 31 1a 30 18 06 03 55 04 0b 13 11 53 65
> Ltd1.0...U....Se
> 04e0: 78 75 61 6c 20 48 61 72 61 73 6d 65 6e 74 73 31 xual
> Harasments1
> 04f0: 0e 30 0c 06 03 55 04 03 13 05 52 61 74 74 65 31
> .0...U....Ratte1
> 0500: 28 30 26 06 09 2a 86 48 86 f7 0d 01 09 01 16 19
> (0&..*.H........
> 0510: 72 61 74 74 65 40 6f 6e 6c 69 6e 65 2d 76 69 6f
> ratte@online-vio
> 0520: 6c 65 6e 63 65 2e 63 6f 6d 30 1e 17 0d 30 32 30
> lence.com0...020
> 0530: 36 31 33 31 34 34 33 35 32 5a 17 0d 30 33 30 36
> 613144352Z..0306
> 0540: 31 33 31 34 34 33 35 32 5a 30 81 aa 31 0b 30 09
> 13144352Z0..1.0.
> 0550: 06 03 55 04 06 13 02 43 48 31 12 30 10 06 03 55
> ..U....CH1.0...U
> 0560: 04 08 13 09 53 6f 6d 65 77 68 65 72 65 31 13 30
> ....Somewhere1.0
> 0570: 11 06 03 55 04 07 13 0a 57 69 6e 74 65 72 74 68
> ...U....Winterth
> 0580: 75 72 31 1c 30 1a 06 03 55 04 0a 13 13 4f 6e 6c
> ur1.0...U....Onl
> 0590: 69 6e 65 20 56 69 6f 6c 65 6e 63 65 20 4c 74 64 ine
> Violence Ltd
> 05a0: 31 1a 30 18 06 03 55 04 0b 13 11 53 65 78 75 61
> 1.0...U....Sexua
> 05b0: 6c 20 48 61 72 61 73 6d 65 6e 74 73 31 0e 30 0c l
> Harasments1.0.
> 05c0: 06 03 55 04 03 13 05 52 61 74 74 65 31 28 30 26
> ..U....Ratte1(0&
> 05d0: 06 09 2a 86 48 86 f7 0d 01 09 01 16 19 72 61 74
> ..*.H........rat
> 05e0: 74 65 40 6f 6e 6c 69 6e 65 2d 76 69 6f 6c 65 6e
> te@online-violen
> 05f0: 63 65 2e 63 6f 6d 30 81 9f 30 0d 06 09 2a 86 48
> ce.com0..0...*.H
> 0600: 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89 02
> ............0...
> 0610: 81 81 00 ce c9 78 0a 45 de a3 4f 9a 9a ca e1 64
> .....x.E..O....d
> 0620: 78 65 d6 82 f7 73 a7 6a 4a 55 69 e6 8c 60 36 d8
> xe...s.jJUi..`6.
> 0630: e6 66 8e d3 b7 0e 4f 93 ff 01 17 c3 fc bf d1 16
> .f....O.........
> 0640: 10 81 8a 45 04 26 8c 88 92 9f bc 0b 86 23 06 88
> ...E.&.......#..
> 0650: f6 c7 1b e6 f9 9f b2 f0 5b f6 c1 fe 37 d5 ab d4
> ........[...7...
> 0660: 72 37 31 ff 09 aa 46 23 29 7d 06 8d aa 34 28 7b
> r71...F#)}...4({
> 0670: 53 6d 25 cd cf 53 3e 0b db b2 27 70 e5 29 c2 fc
> Sm%..S>...'p.)..
> 0680: a8 a1 53 1b b1 43 83 e3 9e 58 8a 43 4a 93 df 21
> ..S..C...X.CJ..!
> 0690: b5 59 db 02 03 01 00 01 a3 82 01 0b 30 82 01 07
> .Y..........0...
> 06a0: 30 1d 06 03 55 1d 0e 04 16 04 14 31 af 2d 7c 61
> 0...U......1.-|a
> 06b0: 23 45 31 8b 16 3d a9 9c c1 0d a2 0a 18 5a a2 30
> #E1..=.......Z.0
> 06c0: 81 d7 06 03 55 1d 23 04 81 cf 30 81 cc 80 14 31
> ....U.#...0....1
> 06d0: af 2d 7c 61 23 45 31 8b 16 3d a9 9c c1 0d a2 0a
> .-|a#E1..=......
> 06e0: 18 5a a2 a1 81 b0 a4 81 ad 30 81 aa 31 0b 30 09
> .Z.......0..1.0.
> 06f0: 06 03 55 04 06 13 02 43 48 31 12 30 10 06 03 55
> ..U....CH1.0...U
> 0700: 04 08 13 09 53 6f 6d 65 77 68 65 72 65 31 13 30
> ....Somewhere1.0
> 0710: 11 06 03 55 04 07 13 0a 57 69 6e 74 65 72 74 68
> ...U....Winterth
> 0720: 75 72 31 1c 30 1a 06 03 55 04 0a 13 13 4f 6e 6c
> ur1.0...U....Onl
> 0730: 69 6e 65 20 56 69 6f 6c 65 6e 63 65 20 4c 74 64 ine
> Violence Ltd
> 0740: 31 1a 30 18 06 03 55 04 0b 13 11 53 65 78 75 61
> 1.0...U....Sexua
> 0750: 6c 20 48 61 72 61 73 6d 65 6e 74 73 31 0e 30 0c l
> Harasments1.0.
> 0760: 06 03 55 04 03 13 05 52 61 74 74 65 31 28 30 26
> ..U....Ratte1(0&
> 0770: 06 09 2a 86 48 86 f7 0d 01 09 01 16 19 72 61 74
> ..*.H........rat
> 0780: 74 65 40 6f 6e 6c 69 6e 65 2d 76 69 6f 6c 65 6e
> te@online-violen
> 0790: 63 65 2e 63 6f 6d 82 01 00 30 0c 06 03 55 1d 13
> ce.com...0...U..
> 07a0: 04 05 30 03 01 01 ff 30 0d 06 09 2a 86 48 86 f7
> ..0....0...*.H..
> 07b0: 0d 01 01 04 05 00 03 81 81 00 a5 b2 04 87 94 e6
> ................
> 07c0: 73 d3 fb a7 f7 04 9d 12 ed 06 5c 57 e1 17 25 53
> s.........\W..%S
> 07d0: 1c 30 79 3a f4 d7 29 59 fc a2 7d 77 12 66 6d e9
> .0y:..)Y..}w.fm.
> 07e0: 71 c9 ad 92 d6 d9 08 68 cd 22 a6 e4 66 56 e7 36
> q......h."..fV.6
> 07f0: 51 b4 fd c9 b6 a9 19 f4 2d e1 7d ff 0a 29 73 f2
> Q.......-.}..)s.
> 0800: c4 ca a9 45 fb 0e ba ea ac 60 92 99 4a 8d e7 5d
> ...E.....`..J..]
> 0810: ac 9c 6a a9 f9 c7 3c 86 08 2d 08 e7 ee 08 4d 52
> ..j...<..-....MR
> 0820: c7 b8 df b3 ea b1 48 9c 12 d7 13 52 2f fe 2d 96
> ......H....R/.-.
> 0830: c9 81 49 ff 5f 8d f9 91 ad 8b 16 03 01 00 bc 0d
> ..I._...........
> 0840: 00 00 b4 02 01 02 00 af 00 ad 30 81 aa 31 0b 30
> ..........0..1.0
> 0850: 09 06 03 55 04 06 13 02 43 48 31 12 30 10 06 03
> ...U....CH1.0...
> 0860: 55 04 08 13 09 53 6f 6d 65 77 68 65 72 65 31 13
> U....Somewhere1.
> 0870: 30 11 06 03 55 04 07 13 0a 57 69 6e 74 65 72 74
> 0...U....Wintert
> 0880: 68 75 72 31 1c 30 1a 06 03 55 04 0a 13 13 4f 6e
> hur1.0...U....On
> 0890: 6c 69 6e 65 20 56 69 6f 6c 65 6e 63 65 20 4c 74 line
> Violence Lt
> 08a0: 64 31 1a 30 18 06 03 55 04 0b 13 11 53 65 78 75
> d1.0...U....Sexu
> 08b0: 61 6c 20 48 61 72 61 73 6d 65 6e 74 73 31 0e 30 al
> Harasments1.0
> 08c0: 0c 06 03 55 04 03 13 05 52 61 74 74 65 31 28 30
> ...U....Ratte1(0
> 08d0: 26 06 09 2a 86 48 86 f7 0d 01 09 01 16 19 72 61
> &..*.H........ra
> 08e0: 74 74 65 40 6f 6e 6c 69 6e 65 2d 76 69 6f 6c 65
> tte@online-viole
> 08f0: 6e 63 65 2e 63 6f 6d 0e 00 00 00
> nce.com....
> TLS trace: SSL_accept:SSLv3 flush data
> tls_read: want=5 error=Resource temporarily unavailable
> TLS trace: SSL_accept:error in SSLv3 read client certificate A
> TLS trace: SSL_accept:error in SSLv3 read client certificate A
> daemon: select: listen=7 active_threads=0 tvp=NULL
> daemon: activity on 1 descriptors
> daemon: activity on: 11r
> daemon: read activity on 11
> connection_get(11)
> connection_get(11): got connid=6
> connection_read(11): checking for input on id=6
> tls_read: want=5, got=5
> 0000: 16 03 01 00 07 .....
>
> tls_read: want=7, got=7
> 0000: 0b 00 00 03 00 00 00
> .......
> tls_write: want=7, written=7
> 0000: 15 03 01 00 02 02 28
> ......(
> TLS trace: SSL3 alert write:fatal:handshake failure
> TLS trace: SSL_accept:error in SSLv3 read client certificate B
> TLS: can't accept.
> TLS: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer
> did not return a certificate s3_srvr.c:1788
>
>
> -----------------------------------------------------------
> Vadim Tarassov
> e-Platform Solution Center
> mailto:vadim.tarassov@winterthur.ch
> Phone +41 52 261 73 22, Fax +41 52 261 46 40
> Mobile +41 076 380 51 26
> -----------------------------------------------------------
> Winterthur Insurance
> Paulstrasse 12
> CH-8401 Winterthur
> http://www.winterthur.com/ch
> -----------------------------------------------------------
>