[Date Prev][Date Next] [Chronological] [Thread] [Top]

syncrepl - ldap_start_tls failed (-11)

To: openldap-software@openldap.org
Subject: syncrepl - ldap_start_tls failed (-11)
From: Cristian Laufer <laufer@uni-koblenz-landau.de>
Date: Wed, 05 Dec 2007 15:17:01 +0100
User-agent: Thunderbird 2.0.0.9 (Windows/20071031)

Hello All,

Im trying to setup syncrepl with TLS. But so far it wonÂt work. Actually Im a bit confused because Provider.log says "TLS established" and consumer.log "ldap_start_tls failed (-11)".

My settings are as follows:

provider slapd.conf:

overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100

consumer slapd.conf:

index entryCSN,entryUUID eq

syncrepl rid=123
starttls=yes
provider=ldap://ldapmaster:389
type=refreshAndPersist
interval=00:00:00:01
searchbase="dc=test,dc=de"
filter="(objectclass=*)"
scope=sub
attrs="*"
schemachecking=off
updatedn="cn=syncuser,ou=system,dc=test,dc=de"
credentials="xxx"
bindmethod=simple
binddn="cn=admin,dc=uni-koblenz-landau,dc=de"
credentials="xxx"

provider.log:

Dec 5 15:40:57 testldap slapd[8997]: conn=2 op=3 UNBIND Dec 5 15:40:57 testldap slapd[8997]: conn=2 fd=15 closed Dec 5 15:41:01 testldap slapd[8997]: conn=3 fd=15 ACCEPT from IP=192.168.1.2:50400 (IP=0.0.0.0:389) Dec 5 15:41:01 testldap slapd[8997]: conn=3 op=0 STARTTLS Dec 5 15:41:01 testldap slapd[8997]: conn=3 op=0 RESULT oid= err=0 text= Dec 5 15:41:01 testldap slapd[8997]: conn=3 fd=15 TLS established tls_ssf=256 ssf=256 Dec 5 15:41:01 testldap slapd[8997]: conn=3 op=1 BIND dn="cn=admin,dc=test,dc=de" method=128 Dec 5 15:41:01 testldap slapd[8997]: conn=3 op=1 BIND dn="cn=admin,dc=test,dc=de" mech=SIMPLE ssf=0 Dec 5 15:41:01 testldap slapd[8997]: conn=3 op=1 RESULT tag=97 err=0 text= Dec 5 15:41:01 testldap slapd[8997]: conn=3 op=2 SRCH base="dc=test,dc=de" scope=2 deref=0 filter="(objectClass=*)" Dec 5 15:41:01 testldap slapd[8997]: conn=3 op=2 SRCH attr=* structuralObjectClass entryCSN

consumer.log:

Dec 5 14:49:50 TESTNETZ-BDC slapd[6513]: slapd starting Dec 5 14:49:51 TESTNETZ-BDC slapd[6513]: Warning: rid 123 ldap_start_tls failed (-11) Dec 5 14:49:51 TESTNETZ-BDC slapd[6513]: conn=0 fd=25 ACCEPT from IP=127.0.0.1:54163 (IP=0.0.0.0:389) Dec 5 14:49:51 TESTNETZ-BDC slapd[6513]: conn=0 op=0 BIND dn="" method=128 Dec 5 14:49:51 TESTNETZ-BDC slapd[6513]: conn=0 op=0 RESULT tag=97 err=0 text= Dec 5 14:49:51 TESTNETZ-BDC slapd[6513]: conn=0 op=1 SRCH base="" scope=0 deref=0 filter="(objectClass=*)" Dec 5 14:49:51 TESTNETZ-BDC slapd[6513]: conn=0 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= Dec 5 14:49:51 TESTNETZ-BDC slapd[6513]: conn=0 op=2 UNBIND Dec 5 14:49:51 TESTNETZ-BDC slapd[6513]: conn=0 fd=25 closed

Does someone know what part of the setup could be wrong? Are there more config files needed?

I would appreciate any help or hint!

Thank you!

Cristian

Follow-Ups:
- Re: syncrepl - ldap_start_tls failed (-11)
  - From: Quanah Gibson-Mount <quanah@zimbra.com>

Prev by Date: Re: [Fwd: Re: KDC {K5KEY} userPassword problem] Solved!!
Next by Date: Re: sync replication fails
Index(es):
- Chronological
- Thread