openldap ssl
Hi, I'm trying to configure SSL on my OpenLDAP
but I get some errors:
[...]
TLS trace: SSL_accept:before/accept initialization
tls_read: want=11, got=11
0000: 30 29 02 01 01 60 24 02 01 03 04 0)...`$....
TLS trace: SSL_accept:error in SSLv2/v3 read client hello A
TLS: can't accept.
TLS: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol s23_srvr.c:641
connection_read(10): TLS accept error error=-1 id=2, closing
connection_closing: readying conn=2 sd=10 for close
connection_close: conn=2 sd=10
daemon: removing 10
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: select: listen=7 active_threads=0 tvp=NULL
daemon: activity on 1 descriptors
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: select: listen=7 active_threads=0 tvp=NULL
I made the certificate:
CA.sh -newca
openssl req -new -nodes -keyout newreq.pem -out newreq.pem
CA.sh -sign
(The common name is the server IP)
cp cacert.pem /etc/ssl/demoCA/cacert.pem
mv newcert.pem /etc/ssl/servercrt.pem
mv newreq.pem /etc/ssl/serverkey.pem
My slapd.conf:
[..]
TLSCACertificateFile /etc/ssl/demoCA/cacert.pem
TLSCertificateFile /etc/ssl/servercrt.pem
TLSCertificateKeyFile /etc/ssl/serverkey.pem
[..]
My ldap.conf:
[..]
TLS_CACERT /etc/ssl/demoCA/cacert.pem
[...]
Can anyone help me, please?
Thanks!
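
Added example, not part of the original post: the 11 bytes in the tls_read hex dump decode as the start of a BER-encoded LDAP message rather than a TLS ClientHello, which is the condition OpenSSL reports as "unknown protocol". The Python sketch below classifies such leading bytes; the function names and the TLS comparison samples are constructed for illustration.

```python
# Added example, not from the original post: classify the first bytes a
# TLS listener received, using the 11 bytes from the slapd trace above.

LDAP_OPS = {0x60: "BindRequest", 0x63: "SearchRequest", 0x77: "ExtendedRequest"}


def read_len(buf, i):
    """Decode a BER length at buf[i]; return (length, next_index)."""
    first = buf[i]
    if first < 0x80:                      # short form
        return first, i + 1
    n = first & 0x7F                      # long form: n length octets follow
    if n == 0 or i + 1 + n > len(buf):
        raise ValueError("unsupported or truncated BER length")
    return int.from_bytes(buf[i + 1:i + 1 + n], "big"), i + 1 + n


def classify(buf):
    """Return a short description of what protocol the bytes start."""
    if len(buf) >= 3 and buf[0] == 0x16 and buf[1] == 0x03:
        return "TLS handshake record (SSLv3/TLS ClientHello)"
    if len(buf) >= 3 and buf[0] & 0x80 and buf[2] == 0x01:
        return "SSLv2-format ClientHello"
    if buf and buf[0] == 0x30:            # BER SEQUENCE: LDAPMessage envelope
        try:
            _, i = read_len(buf, 1)
            if buf[i] != 0x02:            # messageID must be an INTEGER
                raise ValueError("no messageID")
            id_len, i = read_len(buf, i + 1)
            msg_id = int.from_bytes(buf[i:i + id_len], "big")
            op = buf[i + id_len]          # protocolOp tag
        except (ValueError, IndexError):
            return "BER SEQUENCE, but not a recognisable LDAPMessage"
        name = LDAP_OPS.get(op, "op tag 0x%02x" % op)
        return "plaintext LDAP %s (messageID %d)" % (name, msg_id)
    return "unknown"


# Bytes copied from the hex dump line in the trace above.
TRACE = bytes.fromhex("30 29 02 01 01 60 24 02 01 03 04")
# Constructed sample: start of a TLS 1.0 handshake record, for comparison.
TLS_SAMPLE = bytes.fromhex("16 03 01 00 2f 01 00 00 2b 03 01")

if __name__ == "__main__":
    print(classify(TRACE))
    print(classify(TLS_SAMPLE))
```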