[Date Prev][Date Next] [Chronological] [Thread] [Top]

Problem with tls connections

To: openldap-software@openldap.org
Subject: Problem with tls connections
From: Norman Gies <newsletter@normangies.com>
Date: Fri, 05 Sep 2008 06:44:10 +0200
User-agent: Thunderbird 2.0.0.16 (Windows/20080708)

Hello,

i have a problem with tls connections to my openldap server.

The openldap server is running on debian. I created all certificates with openssl. If I use ldapsearch on the server (SASL//EXTERNAL mech/) everything works fine, but if i try to connect with jxplorer, ldapbrowser (softera), eclipse (apache directoy), or with the examples from jldap, i always got the same error: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake

This is the log from the openldap server.

Sep 5 08:18:33 domain slapd[1770]: slapd starting Sep 5 08:18:33 domain slapd[1770]: daemon: added 4r listener=(nil) Sep 5 08:18:33 domain slapd[1770]: daemon: added 6r listener=0x8129238 Sep 5 08:18:33 domain slapd[1770]: daemon: added 7r listener=0x8129300 Sep 5 08:18:33 domain slapd[1770]: daemon: select: listen=6 active_threads=0 tvp=NULL Sep 5 08:18:33 domain slapd[1770]: daemon: select: listen=7 active_threads=0 tvp=NULL Sep 5 08:20:46 domain slapd[1770]: daemon: activity on 1 descriptor Sep 5 08:20:46 domain slapd[1770]: >>> slap_listener(ldap:///) Sep 5 08:20:46 domain slapd[1770]: daemon: listen=7, new connection on 12 Sep 5 08:20:46 domain slapd[1770]: daemon: added 12r (active) listener=(nil) Sep 5 08:20:46 domain slapd[1770]: conn=0 fd=12 ACCEPT from IP=192.168.0.2:2578 (IP=0.0.0.0:389) Sep 5 08:20:46 domain slapd[1770]: daemon: select: listen=6 active_threads=0 tvp=NULL Sep 5 08:20:46 domain slapd[1770]: daemon: select: listen=7 active_threads=0 tvp=NULL Sep 5 08:20:46 domain slapd[1770]: daemon: activity on 1 descriptor Sep 5 08:20:46 domain slapd[1770]: daemon: activity on: Sep 5 08:20:46 domain slapd[1770]: 12r Sep 5 08:20:46 domain slapd[1770]: Sep 5 08:20:46 domain slapd[1770]: daemon: read activity on 12 Sep 5 08:20:46 domain slapd[1770]: connection_get(12) Sep 5 08:20:46 domain slapd[1770]: connection_get(12): got connid=0 Sep 5 08:20:46 domain slapd[1770]: connection_read(12): checking for input on id=0 Sep 5 08:20:46 domain slapd[1770]: ber_get_next on fd 12 failed errno=0 (Success) Sep 5 08:20:46 domain slapd[1770]: connection_read(12): input error=-2 id=0, closing. Sep 5 08:20:46 domain slapd[1770]: connection_closing: readying conn=0 sd=12 for close Sep 5 08:20:46 domain slapd[1770]: connection_close: conn=0 sd=-1 Sep 5 08:20:46 domain slapd[1770]: daemon: removing 12 Sep 5 08:20:46 domain slapd[1770]: conn=0 fd=12 closed (connection lost) Sep 5 08:20:46 domain slapd[1770]: daemon: select: listen=6 active_threads=0 tvp=NULL Sep 5 08:20:46 domain slapd[1770]: daemon: select: listen=7 active_threads=0 tvp=NULL Sep 5 08:20:46 domain slapd[1770]: daemon: activity on 1 descriptor Sep 5 08:20:46 domain slapd[1770]: daemon: waked Sep 5 08:20:46 domain slapd[1770]: daemon: select: listen=6 active_threads=0 tvp=NULL Sep 5 08:20:46 domain slapd[1770]: daemon: select: listen=7 active_threads=0 tvp=NULL

What the meaning of the two lines

ber_get_next on fd 12 failed errno=0 (Success)
connection_read(12): input error=-2 id=0, closing.

Sorry for my bad english.

thx for help.

Any help or pointers would be appreciated.
Thanks.
Norman

Follow-Ups:
- Re: Problem with tls connections
  - From: Philip Guenther <guenther+ldapsoft@sendmail.com>

Prev by Date: Re: openldap nightmare
Next by Date: Re: (ITS#5545) Inconsistency in multi-master setup
Index(es):
- Chronological
- Thread