[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: PFS Ciphers

To: hyc@symas.com (Howard Chu)
Subject: Re: PFS Ciphers
From: manu@netbsd.org (Emmanuel Dreyfus)
Date: Thu, 19 Sep 2013 18:56:37 +0200
Cc: openldap-technical@openldap.org
In-reply-to: <20130919073247.GA15000@homeworld.netbsd.org>
User-agent: MacSOUP/2.7 (unregistered for 2434 days)

Emmanuel Dreyfus <manu@netbsd.org> wrote:

> > Read the slapd.conf(5) or slapd-config(5) manpage. You must
> > configure the TLSDHParamFile.
> 
> Thanks.

It works fine. I thought I had a problem with MacOS X machines causing
"TLS negotiation faied" messages, but they also do it without the
change. It seems each time I type "id some_user" in MacOS X's shell, it
will always attempt a first TCP connexion to the LDAP server, fail TLS
without sending anything, and then attempt a second TCP connexion with
TLS. 

Weird. I don't ask for an answer on this question but just post it for
future reference in case someone has the same behavior: this TLS
negotiation failure is not a failure.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@netbsd.org

References:
- Re: PFS Ciphers
  - From: Emmanuel Dreyfus <manu@netbsd.org>

Prev by Date: Re: TLS negation failure
Next by Date: Invalid DN
Index(es):
- Chronological
- Thread