[Date Prev][Date Next] [Chronological] [Thread] [Top]

strange error with openssl client

To: openldap-software@OpenLDAP.org
Subject: strange error with openssl client
From: Dieter Kluenter <dieter@dkluenter.de>
Date: Mon, 30 Jun 2003 17:57:33 +0200
User-agent: Gnus/5.1001 (Gnus v5.10.1) XEmacs/21.4 (Portable Code, linux)

Hi,
OpenLDAP-2.1.19
OpenSSL-0.9.6g

I'm preparing some documentation on OpenLDAP. When testing my
certificates I get following error

.-.-.-.-.-.-.---.-.-.--.-.-.-.-.-.-.-..-
dieter@marin:~> openssl s_client -connect localhost:389 -showcerts
CONNECTED(00000003)
2229:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:226
-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.

Testing the same certificates with OpenLDAP-2.1.3 showed the complete
certificate chain. What has been changed between 2.1.3 and 2.1.19?

Just to make it clear, TLS works fine on the system, 'openssl verify'
verifies my certificates, 
-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-
dieter@marin:~> openssl verify /home/dieter/Cert/ldap_clientcert.pem
/home/dieter/Cert/ldap_clientcert.pem: OK
-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-

It is just s_client giving errors. 
Any ideas what happend?

I remember having seen a website explaining openssl error
numbers but that seems having been vanished, any hints on this
topic? 


-Dieter
-- 
Dieter Kluenter  | Systemberatung
Tel:040.64861967 | Fax: 040.64891521
mailto: dkluenter(at)dkluenter.de
http://www.avci.de

Prev by Date: finger to ldap gateway?
Next by Date: Re: finger to ldap gateway?
Index(es):
- Chronological
- Thread