[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
how to ssl only, not tls?
some ldap clients are not support tls,and support ssl.
then I edit slapd.conf,change all "TLS" lines to #TLS,like:
#TLSCACertificateFile server.pem
#TLSCertificateFile server.pem
#TLSCertificateKeyFile server.pem
and run slapd -d 256 -h "ldaps://0.0.0.0/" -f /path/to/slapd.conf.
run the dis-tls client.
slapd reports error:
conn=11 fd=10 accept from ip=127.0.0.1:57203(ip=0.0.0.0:636)
TLS:can't accept.
TLS:error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca s3_pkt.c:1052
conn=11 fd=10 closed
the client can't connect to ldap server.
now,I want to know how to server side ssl only, not tls?