Re: OpenLDAp + OpenSSL: decrypt error

Thanks for your reply...

Yeah... I think i configured correctly in my client. I can use ldapsearch with commands:

./ldapsearch -xLL -b dc=abc,dc=com -H ldaps://ftp.abc.com '(uid=khanhnq)' -d -1

.......

02a0: 63 1c c8 a4 32 02 b0 8c bb 17 79 54 29 9d d1 61   c...2.....yT)..a
02b0: 05 82 04 60 53 30 d6 27 26 d4 e3 21 51 4c 95 d2   ...`S0.'&..!QL..
02c0: 83 f7 1d 1d a6 a9 c0 90 64 0c 1a b0 51 f5 6c e3   ........d...Q.l.
02d0: 35 79 c1 bf 19 20 17 ec cf 22 fe 54 c8 38 de 9c   5y... ...".T.8..
02e0: 30 e5 cc e4 90 a0 5f 83 ef 9c 8b b4 91 85 f8 f2   0....._.........
02f0: 1c 80 d8 66 f2 67 8e 24 da f3 04 7a c2 5c b2 1a   ...f.g.$...z.\..
0300: 5d 3b fe dc ad 75 bf f6 2c 9f 29 f9 b4 82 8f e5   ];...u..,.).....
0310: 07 7c d6 34 f5 8c 0c 14 13 6a dd aa 62 92 63 58   .|.4.....j..b.cX
0320: a6 56 12 5f f1 1c 20 ad 59 8f eb 6a 9a 3c cc 7e   .V._.. .Y..j.<.~
0330: 12 77 71 8b 41 53 81 48 39 22 e0 06 da 98 1d c7   .wq.AS.H9"......
0340: c6 46 c2 27 1c 90 cd 7c 84 c5                     .F.'...|..
TLS trace: SSL_connect:SSLv3 read server session ticket A
tls_read: want=5, got=5
0000: 14 03 01 00 01                                     .....
tls_read: want=1, got=1
0000: 01                                                 .
tls_read: want=5, got=5
0000: 16 03 01 00 30                                     ....0
tls_read: want=48, got=48
0000: 48 d9 2d 72 be 68 e4 0b c5 fe 47 f0 3f 65 c0 b3   H.-r.h....G.?e..
0010: 5e ca 18 75 46 d3 6c 77 22 88 f3 14 d5 e5 5b ea   ^..uF.lw".....[.
0020: 72 35 7f 40 86 e9 61 bf 10 1e 5b b1 5f 54 8a 7b   r5.@..a...[._T.{
TLS trace: SSL_connect:SSLv3 read finished A
ldap_open_defconn: successful
ldap_send_server_request
ber_scanf fmt ({it) ber:
ber_dump: buf=0x8ac43c0 ptr=0x8ac43c0 end=0x8ac43ce len=14
0000: 30 0c 02 01 01 60 07 02 01 03 04 00 80 00         0....`........
ber_scanf fmt ({i) ber:
ber_dump: buf=0x8ac43c0 ptr=0x8ac43c5 end=0x8ac43ce len=9
0000: 60 07 02 01 03 04 00 80 00                        `........
ber_flush2: 14 bytes to sd 3
0000: 30 0c 02 01 01 60 07 02 01 03 04 00 80 00         0....`........
tls_write: want=90, written=90
0000: 17 03 01 00 20 44 cd 49 8c 85 89 9c 2f 2e 82 a1   .... D.I..../...
0010: ed 78 8a b5 c7 f3 b0 e6 7c 72 82 77 38 27 92 02   .x......|r.w8'..
0020: e9 53 6d 37 da 17 03 01 00 30 1d 57 4d c9 6c 77   .Sm7.....0.WM.lw
0030: f1 6b 5e ae f7 e7 a5 e7 1a c2 89 2c 37 02 3e 8a   .k^........,7.>.
0040: ce 3a f4 10 1c aa e5 3d c6 c8 1a 21 51 4c b3 b0   .:.....=...!QL..
0050: b7 22 31 d9 13 35 8e ce 34 43                     ."1..5..4C
ldap_write: want=14, written=14
0000: 30 0c 02 01 01 60 07 02 01 03 04 00 80 00         0....`........
ldap_result ld 0x8abb038 msgid 1
wait4msg ld 0x8abb038 msgid 1 (infinite timeout)
wait4msg continue ld 0x8abb038 msgid 1 all 1
** ld 0x8abb038 Connections:
* host: ftp.abc.com port: 636 (default)
refcnt: 2 status: Connected
last used: Tue Jun 14 09:45:29 2011

** ld 0x8abb038 Outstanding Requests:
* msgid 1, origid 1, status InProgress
   outstanding referrals 0, parent count 0
ld 0x8abb038 request count 1 (abandoned 0)
** ld 0x8abb038 Response Queue:
   Empty
ld 0x8abb038 response count 0
ldap_chkResponseList ld 0x8abb038 msgid 1 all 1
ldap_chkResponseList returns ld 0x8abb038 NULL
ldap_int_select
read1msg: ld 0x8abb038 msgid 1 all 1
ber_get_next
tls_read: want=5, got=5
0000: 17 03 01 00 20                                     ....
tls_read: want=32, got=32
0000: db 18 26 f0 e7 a1 8b 2c 23 a7 01 52 c6 eb ea 6c   ..&....,#..R...l
0010: db f4 e7 db 21 c4 31 bf dd 57 03 e2 42 c4 74 8c   ....!.1..W..B.t.
tls_read: want=5, got=5
0000: 17 03 01 00 30                                     ....0
tls_read: want=48, got=48
0000: 7f 8a 1a 21 52 d7 07 8c 27 e4 58 ff b3 14 18 ef   ...!R...'.X.....
0010: 9d 07 da 05 35 e3 25 b2 83 b4 6e 95 9a fe 0f f8   ....5.%...n.....
0020: 66 90 5f 3f de 6d 4d fd 77 2c ba 99 82 ed 86 72   f._?.mM.w,.....r
ldap_read: want=8, got=8
0000: 30 0c 02 01 01 61 07 0a                            0....a..
ldap_read: want=6, got=6
0000: 01 00 04 00 04 00                                  ......
ber_get_next: tag 0x30 len 12 contents:
ber_dump: buf=0x8ad1f90 ptr=0x8ad1f90 end=0x8ad1f9c len=12
0000: 02 01 01 61 07 0a 01 00 04 00 04 00               ...a........
read1msg: ld 0x8abb038 msgid 1 message type bind
ber_scanf fmt ({eAA) ber:
ber_dump: buf=0x8ad1f90 ptr=0x8ad1f93 end=0x8ad1f9c len=9
0000: 61 07 0a 01 00 04 00 04 00                        a........
read1msg: ld 0x8abb038 0 new referrals
read1msg: mark request completed, ld 0x8abb038 msgid 1
request done: ld 0x8abb038 msgid 1
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 1, msgid 1)
ldap_parse_result
ber_scanf fmt ({iAA) ber:
ber_dump: buf=0x8ad1f90 ptr=0x8ad1f93 end=0x8ad1f9c len=9
0000: 61 07 0a 01 00 04 00 04 00                        a........
ber_scanf fmt (}) ber:
ber_dump: buf=0x8ad1f90 ptr=0x8ad1f9c end=0x8ad1f9c len=0

ldap_msgfree
version: 1

ldap_search_ext
put_filter: "(uid=khanhnq)"
put_filter: simple
put_simple_filter: "uid=khanhnq"
ldap_build_search_req ATTRS: *
ldap_send_initial_request
ldap_send_server_request
ber_scanf fmt ({it) ber:
ber_dump: buf=0x8ac43c0 ptr=0x8ac43c0 end=0x8ac43f7 len=55
0000: 30 35 02 01 02 63 30 04 0d 64 63 3d 61 62 63 2c   05...c0..dc=abc,
0010: 64 63 3d 63 6f 6d 0a 01 02 0a 01 00 02 01 00 02   dc=com..........
0020: 01 00 01 01 00 a3 0e 04 03 75 69 64 04 07 6b 68   .........uid..kh
0030: 61 6e 68 6e 71 30 00                               anhnq0.
ber_scanf fmt ({) ber:
ber_dump: buf=0x8ac43c0 ptr=0x8ac43c5 end=0x8ac43f7 len=50
0000: 63 30 04 0d 64 63 3d 61 62 63 2c 64 63 3d 63 6f   c0..dc=abc,dc=co
0010: 6d 0a 01 02 0a 01 00 02 01 00 02 01 00 01 01 00   m...............
0020: a3 0e 04 03 75 69 64 04 07 6b 68 61 6e 68 6e 71   ....uid..khanhnq
0030: 30 00                                              0.
ber_flush2: 55 bytes to sd 3
0000: 30 35 02 01 02 63 30 04 0d 64 63 3d 61 62 63 2c   05...c0..dc=abc,
0010: 64 63 3d 63 6f 6d 0a 01 02 0a 01 00 02 01 00 02   dc=com..........
0020: 01 00 01 01 00 a3 0e 04 03 75 69 64 04 07 6b 68   .........uid..kh
0030: 61 6e 68 6e 71 30 00                               anhnq0.
tls_write: want=122, written=122
0000: 17 03 01 00 20 33 96 d7 55 8b 61 42 4d 5c e9 ba   .... 3..U.aBM\..
0010: 1c 66 70 58 1f 13 70 ec cc 0a f4 24 9a eb 4e 2b   .fpX..p....$..N+
0020: 8b 51 cc bc 85 17 03 01 00 50 db d6 b9 b6 df 91   .Q.......P......
0030: 96 45 4d eb 26 95 b8 4d 5e 4e 7f 16 94 82 ba a7   .EM.&..M^N......
0040: df 1e 8a 07 ae 69 c3 8c 7d 40 76 bb 93 7b 83 9d   .....i..}@v..{..
0050: 1d e2 3b ec dc 63 aa 50 31 8e 28 fb ae 4b 08 6b   ..;..c.P1.(..K.k
0060: 6f 90 c3 da b7 f3 1e 79 30 a2 10 47 d6 8f fe a0   o......y0..G....
0070: 7c 34 81 1e 4e 41 19 67 9c 07                     |4..NA.g..
ldap_write: want=55, written=55
0000: 30 35 02 01 02 63 30 04 0d 64 63 3d 61 62 63 2c   05...c0..dc=abc,
0010: 64 63 3d 63 6f 6d 0a 01 02 0a 01 00 02 01 00 02   dc=com..........
0020: 01 00 01 01 00 a3 0e 04 03 75 69 64 04 07 6b 68   .........uid..kh
0030: 61 6e 68 6e 71 30 00                               anhnq0.
ldap_result ld 0x8abb038 msgid -1
wait4msg ld 0x8abb038 msgid -1 (infinite timeout)
wait4msg continue ld 0x8abb038 msgid -1 all 0
** ld 0x8abb038 Connections:
* host: ftp.abc.com port: 636 (default)
refcnt: 2 status: Connected
last used: Tue Jun 14 09:45:29 2011

** ld 0x8abb038 Outstanding Requests:
* msgid 2, origid 2, status InProgress
   outstanding referrals 0, parent count 0
ld 0x8abb038 request count 1 (abandoned 0)
** ld 0x8abb038 Response Queue:
   Empty
ld 0x8abb038 response count 0
ldap_chkResponseList ld 0x8abb038 msgid -1 all 0
ldap_chkResponseList returns ld 0x8abb038 NULL
ldap_int_select
read1msg: ld 0x8abb038 msgid -1 all 0
ber_get_next
tls_read: want=5, got=5
0000: 17 03 01 00 20                                     ....
tls_read: want=32, got=32
0000: 9b 33 8e d8 db 37 b0 f3 d4 93 72 58 00 e2 1e 6c   .3...7....rX...l
0010: 36 53 54 6e c5 c9 c3 33 a0 aa 36 f6 8d 75 df 3f   6STn...3..6..u.?
tls_read: want=5, got=5
0000: 17 03 01 01 00                                     .....
tls_read: want=256, got=256
0000: 5a 8a 0f c1 a8 76 39 2c ff d9 30 ca d8 6d b5 f8   Z....v9,..0..m..
0010: 2f 5a e0 98 6d 55 83 6c bf 79 b2 32 ca a7 79 a0   /Z..mU.l.y.2..y.
0020: c9 cd 43 95 63 35 ed 56 cd 32 bb 12 2a 4d 10 c8   ..C.c5.V.2..*M..
0030: c5 08 ae 6d 04 e9 5b 0c 13 a6 7d eb 6d a7 b7 6f   ...m..[...}.m..o
0040: 93 d9 91 d4 8f 22 35 48 de 99 aa 58 be 83 ec 44   ....."5H...X...D
0050: ac 28 ba 3a c4 de c4 39 57 ec 17 5a 8b 45 a8 94   .(.:...9W..Z.E..
0060: ae a4 f2 e7 37 da eb eb 78 1c e8 4a 52 98 4d cc   ....7...x..JR.M.
0070: c7 34 97 7d f0 a3 96 78 76 c7 b8 26 c8 1d cb 7f   .4.}...xv..&....
0080: 90 f4 e7 2a 2d e4 8d 2a b0 d9 11 6c cd 41 1d 34   ...*-..*...l.A.4
0090: 07 7e f0 95 3d 13 22 45 be 8b 6c f8 e6 f0 71 49   .~..=."E..l...qI
00a0: d7 10 d3 ce ae ce 8c 06 8f 17 d1 7b 67 2b e5 91   ...........{g+..
00b0: 75 63 65 d8 28 d7 75 88 40 28 7a 61 c8 d9 de 8a   uce.(.u.@(za....
00c0: 64 67 f2 13 1e 25 9d 6f 68 c8 11 82 b8 65 de 4c   dg...%.oh....e.L
00d0: 10 cf 48 5e 69 2f 10 07 9a 10 71 e3 ca 6c b9 5d   ..H^i/....q..l.]
00e0: 68 3d d6 0d ca 09 fc 69 a2 ed 67 09 76 58 37 ef   h=.....i..g.vX7.
00f0: 3f c2 ec 26 29 0f 6c f9 d3 21 8b c4 a6 85 05 16   ?..&).l..!......
ldap_read: want=8, got=8
0000: 30 82 01 13 02 01 02 64                            0......d
ldap_read: want=271, got=271
0000: 82 01 0c 04 28 63 6e 3d 4b 68 61 6e 68 20 4e 67   ....(cn=Khanh Ng
0010: 75 79 65 6e 2c 6f 75 3d 6e 65 74 77 6f 72 6b 2c   uyen,ou=network,
0020: 64 63 3d 61 62 63 2c 64 63 3d 63 6f 6d 30 81 df   dc=abc,dc=com0..
0030: 30 1e 04 0b 6f 62 6a 65 63 74 43 6c 61 73 73 31   0...objectClass1
0040: 0f 04 0d 69 6e 65 74 4f 72 67 50 65 72 73 6f 6e   ...inetOrgPerson
0050: 30 27 04 02 63 6e 31 21 04 0c 4b 68 61 6e 68 20   0'..cn1!..Khanh
0060: 4e 67 75 79 65 6e 04 11 4b 68 61 6e 68 20 4e 67   Nguyen..Khanh Ng
0070: 75 79 65 6e 20 51 75 6f 63 30 0d 04 02 73 6e 31   uyen Quoc0...sn1
0080: 07 04 05 4b 68 61 6e 68 30 10 04 03 75 69 64 31   ...Khanh0...uid1
0090: 09 04 07 6b 68 61 6e 68 6e 71 30 18 04 0c 75 73   ...khanhnq0...us
00a0: 65 72 50 61 73 73 77 6f 72 64 31 08 04 06 31 32   erPassword1...12
00b0: 33 34 35 36 30 48 04 04 6d 61 69 6c 31 40 04 0f   34560H..mail1@..
00c0: 6b 68 61 6e 68 6e 71 40 61 62 63 2e 63 6f 6d 04   khanhnq@abc.com.
00d0: 12 6e 71 6b 32 38 37 30 33 40 79 61 68 6f 6f 2e   .nqk28703@yahoo.
00e0: 63 6f 6d 04 19 6b 68 61 6e 68 6e 71 40 73 61 69   com..khanhnq@sai
00f0: 67 6f 6e 74 65 63 68 2e 65 64 75 2e 76 6e 30 0f   gontech.edu.vn0.
0100: 04 02 6f 75 31 09 04 07 6e 65 74 77 6f 72 6b      ..ou1...network
ber_get_next: tag 0x30 len 275 contents:
ber_dump: buf=0x8ae6020 ptr=0x8ae6020 end=0x8ae6133 len=275
0000: 02 01 02 64 82 01 0c 04 28 63 6e 3d 4b 68 61 6e   ...d....(cn=Khan
0010: 68 20 4e 67 75 79 65 6e 2c 6f 75 3d 6e 65 74 77   h Nguyen,ou=netw
0020: 6f 72 6b 2c 64 63 3d 61 62 63 2c 64 63 3d 63 6f   ork,dc=abc,dc=co
0030: 6d 30 81 df 30 1e 04 0b 6f 62 6a 65 63 74 43 6c   m0..0...objectCl
0040: 61 73 73 31 0f 04 0d 69 6e 65 74 4f 72 67 50 65   ass1...inetOrgPe
0050: 72 73 6f 6e 30 27 04 02 63 6e 31 21 04 0c 4b 68   rson0'..cn1!..Kh
0060: 61 6e 68 20 4e 67 75 79 65 6e 04 11 4b 68 61 6e   anh Nguyen..Khan
0070: 68 20 4e 67 75 79 65 6e 20 51 75 6f 63 30 0d 04   h Nguyen Quoc0..
0080: 02 73 6e 31 07 04 05 4b 68 61 6e 68 30 10 04 03   .sn1...Khanh0...
0090: 75 69 64 31 09 04 07 6b 68 61 6e 68 6e 71 30 18   uid1...khanhnq0.
00a0: 04 0c 75 73 65 72 50 61 73 73 77 6f 72 64 31 08   ..userPassword1.
00b0: 04 06 31 32 33 34 35 36 30 48 04 04 6d 61 69 6c   ..1234560H..mail
00c0: 31 40 04 0f 6b 68 61 6e 68 6e 71 40 61 62 63 2e   1@..khanhnq@abc.
00d0: 63 6f 6d 04 12 6e 71 6b 32 38 37 30 33 40 79 61   com..nqk28703@ya
00e0: 68 6f 6f 2e 63 6f 6d 04 19 6b 68 61 6e 68 6e 71   hoo.com..khanhnq
00f0: 40 73 61 69 67 6f 6e 74 65 63 68 2e 65 64 75 2e   @saigontech.edu.
0100: 76 6e 30 0f 04 02 6f 75 31 09 04 07 6e 65 74 77   vn0...ou1...netw
0110: 6f 72 6b                                           ork
read1msg: ld 0x8abb038 msgid 2 message type search-entry
ldap_get_dn_ber
ber_scanf fmt ({ml{) ber:
ber_dump: buf=0x8ae6020 ptr=0x8ae6023 end=0x8ae6133 len=272
0000: 64 82 01 0c 04 28 63 6e 3d 4b 68 61 6e 68 20 4e   d....(cn=Khanh N
0010: 67 75 79 65 6e 2c 6f 75 3d 6e 65 74 77 6f 72 6b   guyen,ou=network
0020: 2c 64 63 3d 61 62 63 2c 64 63 3d 63 6f 6d 30 81   ,dc=abc,dc=com0.
0030: df 30 1e 04 0b 6f 62 6a 65 63 74 43 6c 61 73 73   .0...objectClass
0040: 31 0f 04 0d 69 6e 65 74 4f 72 67 50 65 72 73 6f   1...inetOrgPerso
0050: 6e 30 27 04 02 63 6e 31 21 04 0c 4b 68 61 6e 68   n0'..cn1!..Khanh
0060: 20 4e 67 75 79 65 6e 04 11 4b 68 61 6e 68 20 4e    Nguyen..Khanh N
0070: 67 75 79 65 6e 20 51 75 6f 63 30 0d 04 02 73 6e   guyen Quoc0...sn
0080: 31 07 04 05 4b 68 61 6e 68 30 10 04 03 75 69 64   1...Khanh0...uid
0090: 31 09 04 07 6b 68 61 6e 68 6e 71 30 18 04 0c 75   1...khanhnq0...u
00a0: 73 65 72 50 61 73 73 77 6f 72 64 31 08 04 06 31   serPassword1...1
00b0: 32 33 34 35 36 30 48 04 04 6d 61 69 6c 31 40 04   234560H..mail1@.
00c0: 0f 6b 68 61 6e 68 6e 71 40 61 62 63 2e 63 6f 6d   .khanhnq@abc.com
00d0: 04 12 6e 71 6b 32 38 37 30 33 40 79 61 68 6f 6f   ..nqk28703@yahoo
00e0: 2e 63 6f 6d 04 19 6b 68 61 6e 68 6e 71 40 73 61   .com..khanhnq@sa
00f0: 69 67 6f 6e 74 65 63 68 2e 65 64 75 2e 76 6e 30   igontech.edu.vn0
0100: 0f 04 02 6f 75 31 09 04 07 6e 65 74 77 6f 72 6b   ...ou1...network
dn: cn=Khanh Nguyen,ou=network,dc=abc,dc=com
ber_scanf fmt ({xx) ber:
ber_dump: buf=0x8ae6020 ptr=0x8ae6023 end=0x8ae6133 len=272
0000: 64 82 01 0c 04 28 63 6e 3d 4b 68 61 6e 68 20 4e   d....(cn=Khanh N
0010: 67 75 79 65 6e 2c 6f 75 3d 6e 65 74 77 6f 72 6b   guyen,ou=network
0020: 2c 64 63 3d 61 62 63 2c 64 63 3d 63 6f 6d 00 81   ,dc=abc,dc=com..
0030: df 30 1e 04 0b 6f 62 6a 65 63 74 43 6c 61 73 73   .0...objectClass
0040: 31 0f 04 0d 69 6e 65 74 4f 72 67 50 65 72 73 6f   1...inetOrgPerso
0050: 6e 30 27 04 02 63 6e 31 21 04 0c 4b 68 61 6e 68   n0'..cn1!..Khanh
0060: 20 4e 67 75 79 65 6e 04 11 4b 68 61 6e 68 20 4e    Nguyen..Khanh N
0070: 67 75 79 65 6e 20 51 75 6f 63 30 0d 04 02 73 6e   guyen Quoc0...sn
0080: 31 07 04 05 4b 68 61 6e 68 30 10 04 03 75 69 64   1...Khanh0...uid
0090: 31 09 04 07 6b 68 61 6e 68 6e 71 30 18 04 0c 75   1...khanhnq0...u
00a0: 73 65 72 50 61 73 73 77 6f 72 64 31 08 04 06 31   serPassword1...1
00b0: 32 33 34 35 36 30 48 04 04 6d 61 69 6c 31 40 04   234560H..mail1@.
00c0: 0f 6b 68 61 6e 68 6e 71 40 61 62 63 2e 63 6f 6d   .khanhnq@abc.com
00d0: 04 12 6e 71 6b 32 38 37 30 33 40 79 61 68 6f 6f   ..nqk28703@yahoo
00e0: 2e 63 6f 6d 04 19 6b 68 61 6e 68 6e 71 40 73 61   .com..khanhnq@sa
00f0: 69 67 6f 6e 74 65 63 68 2e 65 64 75 2e 76 6e 30   igontech.edu.vn0
0100: 0f 04 02 6f 75 31 09 04 07 6e 65 74 77 6f 72 6b   ...ou1...network
ldap_get_attribute_ber
ber_scanf fmt ({mM}) ber:
ber_dump: buf=0x8ae6020 ptr=0x8ae6054 end=0x8ae6133 len=223
0000: 30 1e 04 0b 6f 62 6a 65 63 74 43 6c 61 73 73 31   0...objectClass1
0010: 0f 04 0d 69 6e 65 74 4f 72 67 50 65 72 73 6f 6e   ...inetOrgPerson
0020: 30 27 04 02 63 6e 31 21 04 0c 4b 68 61 6e 68 20   0'..cn1!..Khanh
0030: 4e 67 75 79 65 6e 04 11 4b 68 61 6e 68 20 4e 67   Nguyen..Khanh Ng
0040: 75 79 65 6e 20 51 75 6f 63 30 0d 04 02 73 6e 31   uyen Quoc0...sn1
0050: 07 04 05 4b 68 61 6e 68 30 10 04 03 75 69 64 31   ...Khanh0...uid1
0060: 09 04 07 6b 68 61 6e 68 6e 71 30 18 04 0c 75 73   ...khanhnq0...us
0070: 65 72 50 61 73 73 77 6f 72 64 31 08 04 06 31 32   erPassword1...12
0080: 33 34 35 36 30 48 04 04 6d 61 69 6c 31 40 04 0f   34560H..mail1@..
0090: 6b 68 61 6e 68 6e 71 40 61 62 63 2e 63 6f 6d 04   khanhnq@abc.com.
00a0: 12 6e 71 6b 32 38 37 30 33 40 79 61 68 6f 6f 2e   .nqk28703@yahoo.
00b0: 63 6f 6d 04 19 6b 68 61 6e 68 6e 71 40 73 61 69   com..khanhnq@sai
00c0: 67 6f 6e 74 65 63 68 2e 65 64 75 2e 76 6e 30 0f   gontech.edu.vn0.
00d0: 04 02 6f 75 31 09 04 07 6e 65 74 77 6f 72 6b      ..ou1...network
objectClass: inetOrgPerson
ldap_get_attribute_ber
ber_scanf fmt ({mM}) ber:
ber_dump: buf=0x8ae6020 ptr=0x8ae6074 end=0x8ae6133 len=191
0000: 00 27 04 02 63 6e 31 21 04 0c 4b 68 61 6e 68 20   .'..cn1!..Khanh
0010: 4e 67 75 79 65 6e 04 11 4b 68 61 6e 68 20 4e 67   Nguyen..Khanh Ng
0020: 75 79 65 6e 20 51 75 6f 63 30 0d 04 02 73 6e 31   uyen Quoc0...sn1
0030: 07 04 05 4b 68 61 6e 68 30 10 04 03 75 69 64 31   ...Khanh0...uid1
0040: 09 04 07 6b 68 61 6e 68 6e 71 30 18 04 0c 75 73   ...khanhnq0...us
0050: 65 72 50 61 73 73 77 6f 72 64 31 08 04 06 31 32   erPassword1...12
0060: 33 34 35 36 30 48 04 04 6d 61 69 6c 31 40 04 0f   34560H..mail1@..
0070: 6b 68 61 6e 68 6e 71 40 61 62 63 2e 63 6f 6d 04   khanhnq@abc.com.
0080: 12 6e 71 6b 32 38 37 30 33 40 79 61 68 6f 6f 2e   .nqk28703@yahoo.
0090: 63 6f 6d 04 19 6b 68 61 6e 68 6e 71 40 73 61 69   com..khanhnq@sai
00a0: 67 6f 6e 74 65 63 68 2e 65 64 75 2e 76 6e 30 0f   gontech.edu.vn0.
00b0: 04 02 6f 75 31 09 04 07 6e 65 74 77 6f 72 6b      ..ou1...network
cn: Khanh Nguyen
cn: Khanh Nguyen Quoc
ldap_get_attribute_ber
ber_scanf fmt ({mM}) ber:
ber_dump: buf=0x8ae6020 ptr=0x8ae609d end=0x8ae6133 len=150
0000: 00 0d 04 02 73 6e 31 07 04 05 4b 68 61 6e 68 30   ....sn1...Khanh0
0010: 10 04 03 75 69 64 31 09 04 07 6b 68 61 6e 68 6e   ...uid1...khanhn
0020: 71 30 18 04 0c 75 73 65 72 50 61 73 73 77 6f 72   q0...userPasswor
0030: 64 31 08 04 06 31 32 33 34 35 36 30 48 04 04 6d   d1...1234560H..m
0040: 61 69 6c 31 40 04 0f 6b 68 61 6e 68 6e 71 40 61   ail1@..khanhnq@a
0050: 62 63 2e 63 6f 6d 04 12 6e 71 6b 32 38 37 30 33   bc.com..nqk28703
0060: 40 79 61 68 6f 6f 2e 63 6f 6d 04 19 6b 68 61 6e   @yahoo.com..khan
0070: 68 6e 71 40 73 61 69 67 6f 6e 74 65 63 68 2e 65   hnq@saigontech.e
0080: 64 75 2e 76 6e 30 0f 04 02 6f 75 31 09 04 07 6e   du.vn0...ou1...n
0090: 65 74 77 6f 72 6b                                  etwork
sn: Khanh
ldap_get_attribute_ber
ber_scanf fmt ({mM}) ber:
ber_dump: buf=0x8ae6020 ptr=0x8ae60ac end=0x8ae6133 len=135
0000: 00 10 04 03 75 69 64 31 09 04 07 6b 68 61 6e 68   ....uid1...khanh
0010: 6e 71 30 18 04 0c 75 73 65 72 50 61 73 73 77 6f   nq0...userPasswo
0020: 72 64 31 08 04 06 31 32 33 34 35 36 30 48 04 04   rd1...1234560H..
0030: 6d 61 69 6c 31 40 04 0f 6b 68 61 6e 68 6e 71 40   mail1@..khanhnq@
0040: 61 62 63 2e 63 6f 6d 04 12 6e 71 6b 32 38 37 30   abc.com..nqk2870
0050: 33 40 79 61 68 6f 6f 2e 63 6f 6d 04 19 6b 68 61   3@yahoo.com..kha
0060: 6e 68 6e 71 40 73 61 69 67 6f 6e 74 65 63 68 2e   nhnq@saigontech.
0070: 65 64 75 2e 76 6e 30 0f 04 02 6f 75 31 09 04 07   edu.vn0...ou1...
0080: 6e 65 74 77 6f 72 6b                               network
uid: khanhnq
ldap_get_attribute_ber
ber_scanf fmt ({mM}) ber:
ber_dump: buf=0x8ae6020 ptr=0x8ae60be end=0x8ae6133 len=117
0000: 00 18 04 0c 75 73 65 72 50 61 73 73 77 6f 72 64   ....userPassword
0010: 31 08 04 06 31 32 33 34 35 36 30 48 04 04 6d 61   1...1234560H..ma
0020: 69 6c 31 40 04 0f 6b 68 61 6e 68 6e 71 40 61 62   il1@..khanhnq@ab
0030: 63 2e 63 6f 6d 04 12 6e 71 6b 32 38 37 30 33 40   c.com..nqk28703@
0040: 79 61 68 6f 6f 2e 63 6f 6d 04 19 6b 68 61 6e 68   yahoo.com..khanh
0050: 6e 71 40 73 61 69 67 6f 6e 74 65 63 68 2e 65 64   nq@saigontech.ed
0060: 75 2e 76 6e 30 0f 04 02 6f 75 31 09 04 07 6e 65   u.vn0...ou1...ne
0070: 74 77 6f 72 6b                                     twork
userPassword:: MTIzNDU2
ldap_get_attribute_ber
ber_scanf fmt ({mM}) ber:
ber_dump: buf=0x8ae6020 ptr=0x8ae60d8 end=0x8ae6133 len=91
0000: 00 48 04 04 6d 61 69 6c 31 40 04 0f 6b 68 61 6e   .H..mail1@..khan
0010: 68 6e 71 40 61 62 63 2e 63 6f 6d 04 12 6e 71 6b   hnq@abc.com..nqk
0020: 32 38 37 30 33 40 79 61 68 6f 6f 2e 63 6f 6d 04   28703@yahoo.com.
0030: 19 6b 68 61 6e 68 6e 71 40 73 61 69 67 6f 6e 74   .khanhnq@saigont
0040: 65 63 68 2e 65 64 75 2e 76 6e 30 0f 04 02 6f 75   ech.edu.vn0...ou
0050: 31 09 04 07 6e 65 74 77 6f 72 6b                  1...network
mail: khanhnq@abc.com
mail: nqk28703@yahoo.com
mail: khanhnq@saigontech.edu.vn
ldap_get_attribute_ber
ber_scanf fmt ({mM}) ber:
ber_dump: buf=0x8ae6020 ptr=0x8ae6122 end=0x8ae6133 len=17
0000: 00 0f 04 02 6f 75 31 09 04 07 6e 65 74 77 6f 72   ....ou1...networ
0010: 6b                                                 k
ou: network
ldap_get_attribute_ber
ldap_msgfree
ldap_result ld 0x8abb038 msgid -1
wait4msg ld 0x8abb038 msgid -1 (infinite timeout)
wait4msg continue ld 0x8abb038 msgid -1 all 0
** ld 0x8abb038 Connections:
* host: ftp.abc.com port: 636 (default)
refcnt: 2 status: Connected
last used: Tue Jun 14 09:45:29 2011

** ld 0x8abb038 Outstanding Requests:
* msgid 2, origid 2, status InProgress
   outstanding referrals 0, parent count 0
ld 0x8abb038 request count 1 (abandoned 0)
** ld 0x8abb038 Response Queue:
   Empty
ld 0x8abb038 response count 0
ldap_chkResponseList ld 0x8abb038 msgid -1 all 0
ldap_chkResponseList returns ld 0x8abb038 NULL
ldap_int_select
read1msg: ld 0x8abb038 msgid -1 all 0
ber_get_next
tls_read: want=5, got=5
0000: 17 03 01 00 20                                     ....
tls_read: want=32, got=32
0000: f5 7f 1f fa 5c b8 a8 7c b7 b2 63 36 9b 7e e8 1a   ....\..|..c6.~..
0010: ed ae 32 b4 03 b7 19 7f ce 68 eb a9 1c 29 e0 f1   ..2......h...)..
tls_read: want=5, got=5
0000: 17 03 01 00 30                                     ....0
tls_read: want=48, got=48
0000: d9 d8 24 c9 af 95 a7 8e 33 0d 87 49 e2 62 7d aa   ..$.....3..I.b}.
0010: 8c 40 35 dc 4f 16 3e 65 12 1c d7 4e 4d 3d fb 45   .@5.O.>e...NM=.E
0020: 01 f7 30 8f 77 7f 7b 27 0f 95 dc 1f 48 d3 5b c6   ..0.w.{'....H.[.
ldap_read: want=8, got=8
0000: 30 0c 02 01 02 65 07 0a                            0....e..
ldap_read: want=6, got=6
0000: 01 00 04 00 04 00                                  ......
ber_get_next: tag 0x30 len 12 contents:
ber_dump: buf=0x8abc090 ptr=0x8abc090 end=0x8abc09c len=12
0000: 02 01 02 65 07 0a 01 00 04 00 04 00               ...e........
read1msg: ld 0x8abb038 msgid 2 message type search-result
ber_scanf fmt ({eAA) ber:
ber_dump: buf=0x8abc090 ptr=0x8abc093 end=0x8abc09c len=9
0000: 65 07 0a 01 00 04 00 04 00                        e........
read1msg: ld 0x8abb038 0 new referrals
read1msg: mark request completed, ld 0x8abb038 msgid 2
request done: ld 0x8abb038 msgid 2
res_errno: 0, res_error: <>, res_matched: <>
ldap_free_request (origid 2, msgid 2)

ldap_parse_result
ber_scanf fmt ({iAA) ber:
ber_dump: buf=0x8abc090 ptr=0x8abc093 end=0x8abc09c len=9
0000: 65 07 0a 01 00 04 00 04 00                        e........
ber_scanf fmt (}) ber:
ber_dump: buf=0x8abc090 ptr=0x8abc09c end=0x8abc09c len=0

ldap_msgfree
ldap_free_connection 1 1
ldap_send_unbind
ber_flush2: 7 bytes to sd 3
0000: 30 05 02 01 03 42 00                               0....B.
tls_write: want=90, written=90
0000: 17 03 01 00 20 b6 cb 2e 8e d0 77 72 91 08 67 c2   .... .....wr..g.
0010: a1 58 28 b6 18 5a 34 f4 ae ed c2 d9 4b 99 e5 49   .X(..Z4.....K..I
0020: ea 3f 67 54 9b 17 03 01 00 30 ba 67 c6 ac 50 8e   .?gT.....0.g..P.
0030: b0 ab 07 46 b0 a6 4f 8c ad 74 8e 5e bb 69 68 e9   ...F..O..t.^.ih.
0040: 3f 5a a3 b8 ca 75 40 6d c7 09 30 4a 15 2f 5f 1c   ?Z...u@m..0J./_.
0050: 24 6d 63 ab 4d d2 9d 94 cf 5b                     $mc.M....[
ldap_write: want=7, written=7
0000: 30 05 02 01 03 42 00                               0....B.
tls_write: want=37, written=37
0000: 15 03 01 00 20 eb 76 c3 ab f0 88 3d b0 77 96 e8   .... .v....=.w..
0010: 10 14 19 37 92 b5 f0 a7 cf a7 d3 5a f1 99 bf bd   ...7.......Z....
0020: 96 92 5d 97 4a                                     ..].J
TLS trace: SSL3 alert write:warning:close notify
ldap_free_connection: actually freed
tls_read: want=5 error=Bad file descriptor

As you can see, it's worked OK.

I configured OpenLDAP with OpenSSL following sites: http://www.openldap.org/pub/ksoper/OpenLDAP_TLS.html#4.2

Please give me a clearly advise. Thank you so much...

-- *********************************** EVERYTHING HAS JUST BEGUN...

On Mon, 13 Jun 2011 02:07:41 -0700, Chris Jacobs <Chris.Jacobs@apollogrp.edu> wrote:

Your openssl command defines the CAcert file - is that configured correctly in your client?

To better test openldap specifically, can you do an ldapsearch (using cacert, of course)?

- chris

Chris Jacobs, Systems Administrator, Technology Services Group
Apollo Group | Apollo Marketing & Product Development | Aptimus, Inc.
2001 6th Ave | Ste 3200 | Seattle, WA 98121
phone: 206.839-8245 | cell: 206.601.3256 | Fax: 208.441.9661
email: chris.jacobs@apollogrp.edu

From: openldap-technical-bounces@OpenLDAP.org <openldap-technical-bounces@OpenLDAP.org>
To: openldap-technical@openldap.org <openldap-technical@openldap.org>
Sent: Mon Jun 13 01:01:24 2011
Subject: OpenLDAp + OpenSSL: decrypt error

Hi all,

I'm confusing about this problem. Please help...

I installed OpenLDAP (2.4.25) with Cyrus SASL (2.1.23) and OpenSSL (0.9.8r). I started LDAP with SSL port:

#./slapd -h 'ldaps:///'

Everything OK, but when i test uid of OpenLDAP with SASL, i have a problem:

root@ftp:/usr/local/sasl2/sbin# ./testsaslauthd -u khanhnq -p 123456
0: NO "authentication failed"

I check log and have a message:

ldap_simple_bind_s
ldap_sasl_bind_s
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP localhost:636
ldap_new_socket: 10
ldap_prepare_socket: 10
ldap_connect_to_host: Trying 127.0.0.1:636
ldap_pvt_connect: fd: 10 tm: 5 async: 0
ldap_ndelay_on: 10
ldap_int_poll: fd: 10 tm: 5
ldap_is_sock_ready: 10
ldap_ndelay_off: 10
ldap_pvt_connect: 0
TLS trace: SSL_connect:before/connect initialization
TLS trace: SSL_connect:SSLv2/v3 write client hello A
TLS trace: SSL_connect:SSLv3 read server hello A
TLS certificate verification: depth: 1, err: 0, subject: /C=VN/ST=HCM/O=SGT/OU=NW/CN=abc.com, issuer: /C=VN/ST=HCM/O=SGT/OU=NW/CN=abc.com
TLS certificate verification: depth: 0, err: 7, subject: /C=VN/ST=HCM/O=SGT/OU=NW/CN=abc.com, issuer: /C=VN/ST=HCM/O=SGT/OU=NW/CN=abc.com
TLS certificate verification: Error, certificate signature failure
TLS trace: SSL3 alert write:fatal:decrypt error
TLS trace: SSL_connect:error in SSLv3 read server certificate B
TLS trace: SSL_connect:error in SSLv3 read server certificate B
TLS: can't connect: error:14090086:SSL routines:func(144):reason(134) (certificate signature failure).
ldap_err2string
ldap_unbind
ldap_create
ldap_url_parse_ext(ldaps://localhost)
ldap_simple_bind_s
ldap_sasl_bind_s
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP localhost:636
ldap_new_socket: 10
ldap_prepare_socket: 10
ldap_connect_to_host: Trying 127.0.0.1:636
ldap_pvt_connect: fd: 10 tm: 5 async: 0
ldap_ndelay_on: 10
ldap_int_poll: fd: 10 tm: 5
ldap_is_sock_ready: 10
ldap_ndelay_off: 10
ldap_pvt_connect: 0
TLS trace: SSL_connect:before/connect initialization
TLS trace: SSL_connect:SSLv2/v3 write client hello A
TLS trace: SSL_connect:SSLv3 read server hello A
TLS certificate verification: depth: 1, err: 0, subject: /C=VN/ST=HCM/O=SGT/OU=NW/CN=abc.com, issuer: /C=VN/ST=HCM/O=SGT/OU=NW/CN=abc.com
TLS certificate verification: depth: 0, err: 7, subject: /C=VN/ST=HCM/O=SGT/OU=NW/CN=abc.com, issuer: /C=VN/ST=HCM/O=SGT/OU=NW/CN=abc.com
TLS certificate verification: Error, certificate signature failure
TLS trace: SSL3 alert write:fatal:decrypt error
TLS trace: SSL_connect:error in SSLv3 read server certificate B
TLS trace: SSL_connect:error in SSLv3 read server certificate B
TLS: can't connect: error:14090086:SSL routines:func(144):reason(134) (certificate signature failure).
ldap_err2string
saslauthd[766] :do_auth : auth failure: [user=khanhnq] [service=imap] [realm=] [mech=ldap] [reason=Unknown]
saslauthd[766] :do_request : response: NO

What i'm doing wrong? I test OpenSSL using client authenticate and it's work OK.

# openssl s_client -connect localhost:636 -state -CAfile /var/myCA/demoCA/cacert.pem -cert /var/myCA/clientcrt.pem -key /var/myCA/clientkey.pem
CONNECTED(00000003)
SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL_connect:SSLv3 read server hello A
depth=1 /C=VN/ST=HCM/O=SGT/OU=NW/CN=abc.com
verify return:1
depth=0 /C=VN/ST=HCM/O=SGT/OU=NW/CN=abc.com
verify return:1
SSL_connect:SSLv3 read server certificate A
SSL_connect:SSLv3 read server certificate request A
SSL_connect:SSLv3 read server done A
SSL_connect:SSLv3 write client certificate A
SSL_connect:SSLv3 write client key exchange A
SSL_connect:SSLv3 write certificate verify A
SSL_connect:SSLv3 write change cipher spec A
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
SSL_connect:SSLv3 read server session ticket A
SSL_connect:SSLv3 read finished A
---
Certificate chain
0 s:/C=VN/ST=HCM/O=SGT/OU=NW/CN=abc.com
   i:/C=VN/ST=HCM/O=SGT/OU=NW/CN=abc.com
1 s:/C=VN/ST=HCM/O=SGT/OU=NW/CN=abc.com
   i:/C=VN/ST=HCM/O=SGT/OU=NW/CN=abc.com
---
Server certificate
-----BEGIN CERTIFICATE-----
MIICiTCCAfKgAwIBAgIJAMmeK8RVIEWgMA0GCSqGSIb3DQEBBQUAMEgxCzAJBgNV
BAYTAlZOMQwwCgYDVQQIEwNIQ00xDDAKBgNVBAoTA1NHVDELMAkGA1UECxMCTlcx
EDAOBgNVBAMTB2FiYy5jb20wHhcNMTEwNjEzMDYzMDQ3WhcNMTIwNjEyMDYzMDQ3
WjBIMQswCQYDVQQGEwJWTjEMMAoGA1UECBMDSENNMQwwCgYDVQQKEwNTR1QxCzAJ
BgNVBAsTAk5XMRAwDgYDVQQDEwdhYmMuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GN
ADCBiQKBgQDEW/sP8n2M7y0LT7ONPZQSnWdOC+E2qyngXaouoKEZauyLkTwWJyQY
MkCeGKwQo1KMGd1O04sw5uD2IWgYBfGuynSalyfGfwETGc4Y/xPHV+FpOY5KRssn
qzmL5Gso276vIOR4KnjZdm5Msp3WQ2z4aNUkLbMspyBugKP9GgjfAwIDAQABo3sw
eTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBD
ZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUD7QVqUbn35Jgi1yQdumsHRBdAkswHwYDVR0j
BBgwFoAUAdNX4GIDCCQpSpUEfLXJPW74L2IwDQYJKoZIhvcNAQEFBQADgYEAMf8i
zRpqasBFf6acpRvGG/AkLU+Cz10ffH6zE3DsoKngxP6zEDFOb1quX+E7RE98W/0T
iQPLqS5XLIuLX6BNRjnv79DdyynpwsFVip6pHvDZafWBXrzWVn7WEXy5+VpfjBxe
CADHvgvp4LXh7EtvppO1vPyvphCCexsmCIzoxyA=
-----END CERTIFICATE-----
subject=/C=VN/ST=HCM/O=SGT/OU=NW/CN=abc.com
issuer=/C=VN/ST=HCM/O=SGT/OU=NW/CN=abc.com
---
Acceptable client certificate CA names
/C=VN/ST=HCM/O=SGT/OU=NW/CN=abc.com
---
SSL handshake has read 2431 bytes and written 1804 bytes
---
New, TLSv1/SSLv3, Cipher is AES256-SHA
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: zlib compression
Expansion: zlib compression
SSL-Session:
    Protocol : TLSv1
    Cipher    : AES256-SHA
    Session-ID: B79630EC32BF14F01931D1EAB3DC0CF7DA29B42E012C8BD8171EEF46D993BB96
    Session-ID-ctx:
    Master-Key: 230F7D9D0736A40EB148CA9091BA0105E6949721E55FD9F84AD057C1CBA38F0A1B2269CAB07E7E71E3310954DDF260BF
    Key-Arg   : None
    TLS session ticket:
    0000 - 07 19 41 07 ec 4c 66 10-24 a0 dd be 02 ff 05 90   ..A..Lf.$.......
    0010 - a0 f8 64 d3 08 77 a0 bf-24 81 ad 04 b8 d9 e6 9a   ..d..w..$.......
    0020 - 04 5a df 4a d5 a1 65 2b-52 4c d4 a2 c2 d6 8b 7f   .Z.J..e+RL......
    0030 - fa 66 c7 05 54 58 fa 5d-9a a3 75 82 d0 e8 76 dd   .f..TX.]..u...v.
    0040 - 4f da 54 ac 8e 40 95 68-7c da 6f 08 7f 52 a3 f6   O.T..@.h|.o..R..
    0050 - c2 bd 44 ff dd 95 b3 0c-e5 9e 16 95 7c c8 6d ee   ..D.........|.m.
    0060 - 96 03 6b db ae 8c 34 8e-a3 29 87 16 f0 a6 0e 8c   ..k...4..)......
    0070 - ac fa c2 76 4a 2d 75 f5-fc b7 1e 83 ec a7 47 0a   ...vJ-u.......G.
    0080 - 72 50 e8 24 e2 22 34 5f-ff 6a b1 ea f0 cc 2e 55   rP.$."4_.j.....U
    0090 - 9f ec ea 1b b5 da 12 70-f4 0c ee 10 5b d0 4e 7a   .......p....[.Nz
    00a0 - 0d 60 06 70 02 f7 eb a3-f3 79 a7 69 5d c3 61 d3   .`.p.....y.i].a.
    00b0 - 51 2a 8a 82 c2 11 70 c9-8b 4f 19 58 50 83 6b 0e   Q*....p..O.XP.k.
    00c0 - bf 9e aa 6a 8f 72 59 9c-10 da cc 8f 90 05 db e2   ...j.rY.........
    00d0 - 08 31 d8 62 1a 24 0d 50-a4 e1 75 e6 ee 49 19 32   .1.b.$.P..u..I.2
    00e0 - 1f b6 0e 77 11 42 ce 3a-7e 7e 9c 2b be 59 d4 b4   ...w.B.:~~.+.Y..
    00f0 - 24 36 b0 a5 39 30 9f 3a-49 f7 19 10 73 f1 3e 06   $6..90.:I...s.>.
    0100 - b4 04 58 3a 5f 4c 02 29-54 b1 25 c7 2f 06 4a 62   ..X:_L.)T.%./.Jb
    0110 - fb 4b 52 82 ea 50 7e 12-0e 8b 5a eb a4 34 77 3c   .KR..P~...Z..4w<
    0120 - 9f f4 0d 85 0f 43 9a 5d-f1 ba 3e 28 ab 86 98 17   .....C.]..>(....
    0130 - d1 10 49 d2 a6 f3 e7 32-72 62 41 ac 4c 51 4b 05   ..I....2rbA.LQK.
    0140 - bd e7 a3 30 cd 47 37 95-f9 76 1d 4a f1 a2 58 b0   ...0.G7..v.J..X.
    0150 - 0b a8 ca 4e 4f a1 67 ff-01 3e 11 29 a9 db f1 3e   ...NO.g..>.)...>
    0160 - 43 64 f8 58 4e d3 44 6f-ee cc 61 6d b3 82 ab 77   Cd.XN.Do..am...w
    0170 - e7 3b 6b 83 af b7 42 76-89 e2 e0 d6 8e 66 61 fe   .;k...Bv.....fa.
    0180 - df 7c d8 28 63 04 22 06-cd 41 28 46 d4 08 00 b4   .|.(c."..A(F....
    0190 - 2b 9e 90 ec ee 9f 8e 34-9b 15 5c 71 e8 29 88 c8   +......4..\q.)..
    01a0 - 35 4d 88 aa c3 05 53 0a-b8 bd 90 38 68 cf 8b 0b   5M....S....8h...
    01b0 - b0 f3 48 c0 02 8a 9f be-05 1b 13 4a 49 67 32 8f   ..H........JIg2.
    01c0 - 66 f2 41 18 11 f1 eb ed-2a d0 a4 de d9 10 83 95   f.A.....*.......
    01d0 - c6 aa 1a 74 83 36 31 db-68 b1 88 37 2b 18 da 6b   ...t.61.h..7+..k
    01e0 - b9 be 87 36 64 5c a0 b1-23 eb df d9 8f 96 10 ae   ...6d\..#.......
    01f0 - 4e db 3b c2 77 65 a4 11-df 65 a8 26 98 4f df 69   N.;.we...e.&.O.i
    0200 - 12 1e 1c 4c dd e2 d0 29-1c 3b 01 e9 10 1d db 94   ...L...).;......
    0210 - f6 93 93 b1 c0 89 65 3a-0d bc 16 e8 f0 5f 9f 5c   ......e:....._.\
    0220 - 8a bc ea 56 b7 e7 d4 75-4c 19 6d 18 73 64 3c 95   ...V...uL.m.sd<.
    0230 - 87 0b 88 5b e8 c8 2c b5-92 ce aa ab cd c8 19 6b   ...[..,........k
    0240 - a2 5e 51 f7 a9 8f 59 59-34 a7 81 56 e1 4d 4f 20   .^Q...YY4..V.MO
    0250 - 96 23 fa 58 6f b3 f8 19-68 03 df 61 eb 09 3e d8   .#.Xo...h..a..>.
    0260 - 78 0d 94 f1 3a 1a 64 35-b5 54 b5 84 76 44 62 b1   x...:.d5.T..vDb.
    0270 - 36 5c 1d d6 79 27 6d 1c-3c df bb d2 bf 2c 06 40   6\..y'm.<....,.@
    0280 - 25 03 dd 77 6d 75 b8 ee-7c b5 cf 37 86 eb 9d 36   %..wmu..|..7...6
    0290 - 18 b9 40 89 1e 78 d3 69-34 c9 fa b1 22 7f d2 79   ..@..x.i4..."..y
    02a0 - 93 64 a9 23 6c 9a 32 6c-d2 ca 2a 40 0c c0 f5 c5   .d.#l.2l..*@....
    02b0 - 7e 51 65 c0 b7 9a 8a 01-54 29 71 bd 27 b9 0b a8   ~Qe.....T)q.'...
    02c0 - 60 30 42 42 f4 4e 8a c8-27 a5 d3 99 cc d0 4f e1   `0BB.N..'.....O.
    02d0 - 97 da 01 a5 44 e9 6a 6f-18 2a ea 88 89 14 be 56   ....D.jo.*.....V
    02e0 - 9a 81 a4 f5 0e 6f 2c b2-60 93 30 3e 57 33 5e 20   .....o,.`.0>W3^
    02f0 - 8f 63 46 a7 1f 91 cf 31-81 8f 91 e0 cf c9 1c df   .cF....1........
    0300 - e3 5d ac 0f f9 2e 08 db-dc fa 3f 8e c7 76 2e fb   .]........?..v..
    0310 - ef d3 a7 64 9c 12 99 36-52 75 23 e7 e1 b3 f0 b1   ...d...6Ru#.....
    0320 - 67 cc 78 6d 39 74 1d fa-18 5e b4 9c b4 49 9c 9b   g.xm9t...^...I..
    0330 - 75 ee 0a fd f8 8d cf 15-a4 a2 c5 7c da c7 c0 36   u..........|...6

    Compression: 1 (zlib compression)
    Start Time: 1307949552
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)

Please help,

-- 
***********************************
    EVERYTHING HAS JUST BEGUN...

This message is private and confidential. If you have received it in error, please notify the sender and remove it from your system.

References:

Re: OpenLDAp + OpenSSL: decrypt error
- From: Chris Jacobs <Chris.Jacobs@apollogrp.edu>