windows client TLS connection failed
- To: openldap-software@OpenLDAP.org
- Subject: windows client TLS connection failed
- From: Lara Adianto <m1r4cle_26@yahoo.com>
- Date: Mon, 13 Dec 2004 02:19:12 -0800 (PST)
Hi,
I'm writing a simple LDAP client for Windows. I have compiled the necessary OpenLDAP libraries (libldap and liblber) with TLS/SSL using MSVC++ to be used by the Windows client. The server is an OpenLDAP server installed on Linux. Without TLS/SSL, the client can connect successfully to the server, but when adding TLS (ldap_start_tls_ssl), it failed with error code 91:
ldap_start_tls_s: 91, connect error.
While on the server side:
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: activity on 1 descriptors
daemon: activity on: 7r
daemon: read activity on 7
connection_get(7)
connection_get(7): got connid=0
connection_read(7): checking for input on id=0
TLS trace: SSL_accept:before/accept initialization
tls_read: want=11 error=Connection reset by peer
TLS trace: SSL_accept:error in SSLv2/v3 read client hello A
TLS: can't accept.
connection_read(7): TLS accept error error=-1 id=0, closing
connection_closing: readying conn=0 sd=7 for close
connection_close: conn=0 sd=7
daemon: removing 7
conn=0 fd=7 closed
daemon: select: listen=6 active_threads=0 tvp=NULL
daemon: activity on 1 descriptors
daemon: select: listen=6 active_threads=0 tvp=NULL
What does:
TLS trace: SSL_accept:error in SSLv2/v3 read client hello A
TLS: can't accept.
connection_read(7): TLS accept error error=-1 id=0, closing
mean? I've set TLSVerifyClient to never, so my guess is that there's a problem with the CA cert provided by the client.
I installed the ca.der of the server in the windows client, and set it with:
rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTFILE, cacert);
in my code. The cacert contains the location of the ca.der and the certificate is valid.
Can anybody point me in the right direction on how to write an LDAP client for Windows... with TLS/SSL connectivity? I've tried using SSL but it failed with the same error, TLS trace: SSL_accept:error in SSLv2/v3 read client hello A
TLS: can't accept.
Thanks for your help!
lara
------------------------------------------------------------------------------------
Life, you see, is never as good or as bad as one thinks
- Guy de Maupassant -
------------------------------------------------------------------------------------
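
Added example, not part of the original message or of OpenLDAP's code: OpenSSL reads a CA file as PEM, so a client passing a path to LDAP_OPT_X_TLS_CACERTFILE can first check whether the file (here a ca.der) is DER or PEM and re-wrap DER as PEM. The names cert_encoding and der_to_pem are hypothetical, the sample bytes are constructed, and a libldap built against OpenSSL is an assumption.

```c
#include <stdio.h>
#include <string.h>

/* 'P' = PEM armor found, 'D' = one DER SEQUENCE filling the buffer, '?' = neither. */
char cert_encoding(const unsigned char *b, size_t n)
{
    static const char tag[] = "-----BEGIN CERTIFICATE-----";
    size_t t = sizeof tag - 1, i, hdr = 2, body;
    for (i = 0; i + t <= n; i++)             /* PEM files may carry leading text */
        if (memcmp(b + i, tag, t) == 0) return 'P';
    if (n < 2 || b[0] != 0x30) return '?';   /* DER certificate = ASN.1 SEQUENCE */
    body = b[1];
    if (b[1] & 0x80) {                       /* long-form length: next k bytes */
        size_t k = b[1] & 0x7f;
        if (k == 0 || k > 4 || n < 2 + k) return '?';
        for (body = 0, i = 0; i < k; i++) body = (body << 8) | b[2 + i];
        hdr += k;
    }
    return hdr + body == n ? 'D' : '?';
}

/* Base64-wrap DER as PEM, 64 chars per line. Returns bytes written, 0 if cap is too small. */
size_t der_to_pem(const unsigned char *der, size_t n, char *out, size_t cap)
{
    static const char a[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    size_t b64 = (n + 2) / 3 * 4, i, col = 0;
    char *p = out;
    if (cap < b64 + b64 / 64 + 64) return 0; /* room for armor, line breaks and NUL */
    p += sprintf(p, "-----BEGIN CERTIFICATE-----\n");
    for (i = 0; i < n; i += 3) {
        unsigned long v = (unsigned long)der[i] << 16;
        if (i + 1 < n) v |= (unsigned long)der[i + 1] << 8;
        if (i + 2 < n) v |= der[i + 2];
        *p++ = a[(v >> 18) & 63]; *p++ = a[(v >> 12) & 63];
        *p++ = i + 1 < n ? a[(v >> 6) & 63] : '=';
        *p++ = i + 2 < n ? a[v & 63] : '=';
        if ((col += 4) == 64 && i + 3 < n) { *p++ = '\n'; col = 0; }
    }
    p += sprintf(p, "\n-----END CERTIFICATE-----\n");
    return (size_t)(p - out);
}

int main(void)
{
    const unsigned char der[] = {0x30, 0x03, 0x02, 0x01, 0x05}; /* constructed sample, not a real cert */
    char pem[128];
    if (cert_encoding(der, sizeof der) == 'D' && der_to_pem(der, sizeof der, pem, sizeof pem))
        fputs(pem, stdout);
    return 0;
}
```

The DER check is structural only (outer SEQUENCE and length); it does not validate the certificate contents.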