[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: s_client working against 636 but not 389

To: Nate Marks <npmarks@gmail.com>
Subject: Re: s_client working against 636 but not 389
From: Marco Schirrmeister <marco@schirrmeister.net>
Date: Sun, 4 Sep 2011 18:08:40 +0200
Cc: openldap-technical@openldap.org
In-reply-to: <CAHM9UcEysGDep-6FNqe64Vmn0OHUuMDcwhmEyp0=rAd2b0dsJA@mail.gmail.com>
References: <CAHM9UcEysGDep-6FNqe64Vmn0OHUuMDcwhmEyp0=rAd2b0dsJA@mail.gmail.com>

On Sep 3, 2011, at 6:00 PM, Nate Marks wrote:

[root@ldap01 cacerts]# openssl s_client -CAfile /etc/pki/tls/certs/cacert.pem -connect 10.60.1.57:389
CONNECTED(00000003)
4392:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188:
[root@ldap01 cacerts]#

To use tls on the standard port you would need to submit the option -starttls xxx to openssl. Where xxx is the protocol.

But ldap as protocol is not supported. Even if it would, you could not type in anything useful.

Marco

References:
- s_client working against 636 but not 389
  - From: Nate Marks <npmarks@gmail.com>

Prev by Date: Re: N-way multi master configuration issue
Next by Date: Unrelated to original thread (Was: RE : Slapd-meta stop at the first unreachable candidate)
Index(es):
- Chronological
- Thread