[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS not working (even though SSL does) -- logging trouble



--On Tuesday, October 21, 2008 4:05 PM -0400 Kyle Barger <kbarger@ltsp.edu> wrote:

I have an OpenLDAP 2.3 server that is up and running.  I have been trying
to add SSL and TLS.  SSL connections on port 636 work fine. However the
TLS connection on 389 is not working.  The only errors are "TLS accept
failure" and "TLS negotiation failure."  I've not been able to dig up any
more information, even using the -d option, and I notice that people have
posted log files with detailed TLS trace messages.  How can I enable the
TLS logging to find out what's going on?  Thanks.

You can't do SSL over port 389, you need to do startTLS instead. You don't say how you are testing these connections, but if you are using ldapsearch, look at the "-Z[ZZ]" option(s).


--Quanah

--

Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra ::  the leader in open source messaging and collaboration