[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Still getting TLS errors with 2.3.11
On Mon, Oct 17, 2005 at 10:39:15AM +0200, Dieter Kluenter wrote:
> I just experienced the same problem and it took me a few minutes to find
> the reason, which resulted in
>
> TLS trace: SSL3 alert read:fatal:certificate expired
> TLS trace: SSL_accept:failed in SSLv3 read client certificate A
> TLS: can't accept.
> TLS: error:14094415:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate expired s3_pkt.c:1052
> connection_read(15): TLS accept error error=-1 id=1, closing
>
> Creating and signing a new set of certificates solved it.
The certificate is fine here (other than being self-signed):
# openssl x509 -in ldap.pem -noout -dates
notBefore=Oct 7 16:26:09 2005 GMT
notAfter=Aug 18 07:00:49 2021 GMT
If I run ldapsearch from another machine which has another version of
openldap that is not 2.3.11 nor 2.3.10, then it works.