
OpenLDAP issues when connecting over SSL



Hi.

I am trying to get a client to connect over SSL.

An ldapsearch works on Linux using SSL; however, when this specific
client (which I can't name here for some reasons!) tries to access
it, I get the following error in OpenLDAP:

conn=14 fd=14 ACCEPT from IP=124.168.139.185:50884 (IP=0.0.0.0:636)
TLS: can't accept.
TLS: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol s23_srvr.c:562
conn=14 fd=14 closed (TLS negotiation failure)
conn=9 op=3 BIND dn="" method=128
conn=9 op=3 RESULT tag=97 err=0 text=
conn=9 op=4 UNBIND
conn=9 fd=13 closed

Other clients seem to work well over SSL.
Am I missing something in the slapd.conf?
The SSL-related configuration settings I have are:

TLSCipherSuite HIGH:MEDIUM:+SSLv2
TLSCertificateFile      /usr/local/etc/openldap/cert.pem
TLSCertificateKeyFile   /usr/local/etc/openldap/cert.pem
TLSCACertificateFile    /usr/local/etc/openldap/ca-bundle.crt

TLSVerifyClient allow

Somebody posted a similar question last year on this distribution
list, however he didn't get any answers. I was hopeful this is a
common issue.

Thank you
Jean-Yves
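
Added example, not part of the original message: the `SSL23_GET_CLIENT_HELLO:unknown protocol` error means the first bytes received on the port 636 listener were not accepted as an SSL/TLS ClientHello, and one known cause is a client speaking plaintext LDAP or StartTLS to the ldaps:// port. Whether that is the cause here is an assumption; the sketch below classifies the first bytes of a connection taken from a packet capture, and the sample byte strings and function names are constructed for illustration.

```python
STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"  # StartTLS extended operation OID (RFC 4511)
LDAP_OPS = {0x60: "BindRequest", 0x63: "SearchRequest", 0x77: "ExtendedRequest"}

def _ber_len(buf, pos):
    """Return (length, offset of the value) for the BER length field at pos."""
    first = buf[pos]
    if first < 0x80:                      # short form: the octet is the length
        return first, pos + 1
    n = first & 0x7F                      # long form: n length octets follow
    if n == 0 or pos + 1 + n > len(buf):
        raise ValueError("bad BER length")
    return int.from_bytes(buf[pos + 1:pos + 1 + n], "big"), pos + 1 + n

def classify_first_bytes(data):
    """Name the protocol a client opened with, from its first bytes on the wire."""
    if len(data) < 3:
        return "too short"
    if data[0] == 0x16 and data[1] == 0x03:   # TLS record: handshake, major version 3
        return "TLS/SSLv3 handshake record"
    if data[0] & 0x80 and data[2] == 0x01:    # SSLv2 2-byte header, ClientHello type
        return "SSLv2-format ClientHello"
    if data[0] == 0x30:                       # BER SEQUENCE: candidate LDAPMessage
        try:
            _, pos = _ber_len(data, 1)
            if data[pos] != 0x02:             # messageID must be an INTEGER
                return "unrecognised"
            id_len, pos = _ber_len(data, pos + 1)
            op = data[pos + id_len]           # protocolOp tag follows the messageID
        except (IndexError, ValueError):
            return "unrecognised"
        name = LDAP_OPS.get(op, "operation 0x%02x" % op)
        if op == 0x77 and STARTTLS_OID in data:
            name = "StartTLS ExtendedRequest"
        return "plaintext LDAP " + name
    return "unrecognised"

# Constructed sample inputs (not taken from the poster's traffic).
TLS_HELLO = bytes.fromhex("160301002f0100002b0303")
SSLV2_HELLO = bytes.fromhex("802e010301001500000010")
LDAP_STARTTLS = bytes.fromhex("301d02010177188016") + STARTTLS_OID
LDAP_BIND = bytes.fromhex("300c020101600702010304008000")

if __name__ == "__main__":
    for label, sample in [("tls", TLS_HELLO), ("sslv2", SSLV2_HELLO),
                          ("starttls", LDAP_STARTTLS), ("bind", LDAP_BIND)]:
        print(label, "->", classify_first_bytes(sample))
```

A "plaintext LDAP" result for traffic arriving on port 636 points at a client configured for ldap:// or StartTLS rather than ldaps://.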