[Date Prev][Date Next] [Chronological] [Thread] [Top]

"ldap_start_tls: Protocol error (2)" and I do not know why

To: openldap-software@openldap.org
Subject: "ldap_start_tls: Protocol error (2)" and I do not know why
From: Nathan Huesken <ldap@lonely-star.org>
Date: Fri, 30 Jan 2009 23:23:28 +0100
Content-disposition: inline
User-agent: Mutt/1.5.18 (2008-05-17)

Hi,

I created ssl certificates using this guide:
http://www.credentia.cc/certs/howto/openldap.html
Generating a slapd.cert and slapd.key file

I added:
olcTLSCertificateFile: /etc/ldap/ssl/slapd.cert
olcTLSCertificateKeyFile: /etc/ldap/ssl/slapd.key

olcTLSCRLCheck: none
olcTLSVerifyClient: never

to cn=config.ldif file.
I also put

TLS_REQCERT never

into /etc/ldap/ldap.conf

Now I try to search:
ldapsearch -x -D "cn=admin,dc=*********,dc=***" -b 'dc=**********,dc=***' '(objectclass=*)' -W -ZZ -v
ldap_initialize( <DEFAULT> )
ldap_start_tls: Protocol error (2)

I do not know what goes wrong, the log file does not tell me much:

Jan 30 23:20:56 ********** slapd[20043]: daemon: read active on 14 
Jan 30 23:20:56 ********** slapd[20043]: daemon: epoll: listen=8 active_threads=0 tvp=zero 
Jan 30 23:20:56 ********** slapd[20043]: daemon: epoll: listen=9 active_threads=0 tvp=zero 
Jan 30 23:20:56 ********** slapd[20043]: connection_get(14) 
Jan 30 23:20:56 ********** slapd[20043]: connection_get(14): got connid=4 
Jan 30 23:20:56 ********** slapd[20043]: connection_read(14): checking for input on id=4 
Jan 30 23:20:56 ********** slapd[20043]: ber_get_next on fd 14 failed errno=0 (Success) 
Jan 30 23:20:56 ********** slapd[20043]: connection_read(14): input error=-2 id=4, closing. 
Jan 30 23:20:56 ********** slapd[20043]: connection_closing: readying conn=4 sd=14 for close 
Jan 30 23:20:56 ********** slapd[20043]: connection_close: conn=4 sd=14 
Jan 30 23:20:56 ********** slapd[20043]: daemon: removing 14 
Jan 30 23:20:56 ********** slapd[20043]: conn=4 fd=14 closed (connection lost) 
Jan 30 23:20:56 ********** slapd[20043]: daemon: activity on 1 descriptor 
Jan 30 23:20:56 ********** slapd[20043]: daemon: activity on:
Jan 30 23:20:56 ********** slapd[20043]:  
Jan 30 23:20:56 ********** slapd[20043]: daemon: epoll: listen=8 active_threads=0 tvp=zero 
Jan 30 23:20:56 ********** slapd[20043]: daemon: epoll: listen=9 active_threads=0 tvp=zero

What else could be wrong?

Thanks!
nathan

Prev by Date: RE: slapd 2.4.13: ppolicy_use_lockout not working as expected
Next by Date: Re: delta-syncrepl missing changes
Index(es):
- Chronological
- Thread