[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: slapo-chain + TLS = help



On 19/07/12 2:36 AM, Gavin Henry wrote:
TLS: can't accept: A record packet with illegal version was received..
connection_read(16): TLS accept failure error=-1 id=1001, closing

The master runs Ubuntu 10.04.4 LTS and slapd @(#) $OpenLDAP: slapd 2.4.21
(Dec 19 2011 15:18:58) $
buildd@roseapple:/build/buildd/openldap-2.4.21/debian/build/servers/slapd

I'm wondering do I need to upgrade the master (slave is Ubuntu 12.04), could
this be related to the version of slapd or gnutls?
Check out:

man slapd-ldap as slapo-chain uses that which has the same tls
settings as slapd.

Thanks.

Thanks for that, in the end I gave up on TLS and just used SSL. Later when I try again, it'll be after upgrading both the provider and the consumer to the same versions. For now I'm using:

chain-uri                  "ldaps://provider.example.com"
.
.
chain-tls                  ldaps
.
.
.
.
updateref                  "ldaps://provider.example.com/"


Regards,


Warren.