[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Spurious Start TLS failed errors on proxyed bind OpenLDAP 2.4.40

To: openldap-technical@openldap.org, Howard Chu <hyc@symas.com>, Quanah Gibson-Mount <quanah@symas.com>
Subject: Re: Spurious Start TLS failed errors on proxyed bind OpenLDAP 2.4.40
From: Brian Reichert <reichert@numachi.com>
Date: Tue, 22 Jan 2019 09:21:36 -0500
Content-disposition: inline
In-reply-to: <20190122131004.GB1861@helsinki.fi>
References: <45403ce3-d89f-d8d3-7190-817198830d7c@symas.com> <20190122131004.GB1861@helsinki.fi>
User-agent: Mutt/1.5.9i

On Tue, Jan 22, 2019 at 03:10:04PM +0200, Janne Peltonen wrote:
> RHEL 7, and slapd seems to be linked to the Mozilla nss libraries.
> 
> I called them "spurious" because there doesn't seem to be any correlation
> between the errors and any external events. But I have to admit I do not
> understand what kind of activity might cause entropy to be low; I somehow
> thought it would be a simple case of "more entropy used than the pool has" and
> then it would be simply caused by too much activity. But these errors seem to
> come sometimes when the server is more loaded and sometimes when it is less
> loaded and I haven't found any way to make them more probable. Or less.

Perhaps unrelated, but at $JOB we had to explore using /dev/urandom vs
/dev/random on out CentOS 6 servers:

  https://unix.stackexchange.com/a/324210

> 
> --Janne / Helsinki Uni
> 

-- 
Brian Reichert				<reichert@numachi.com>
BSD admin/developer at large

References:
- Re: Spurious Start TLS failed errors on proxyed bind OpenLDAP 2.4.40
  - From: Howard Chu <hyc@symas.com>
- Re: Spurious Start TLS failed errors on proxyed bind OpenLDAP 2.4.40
  - From: Janne Peltonen <janne.peltonen@helsinki.fi>

Prev by Date: Re: Spurious Start TLS failed errors on proxyed bind OpenLDAP 2.4.40
Next by Date: Re: Spurious Start TLS failed errors on proxyed bind OpenLDAP 2.4.40
Index(es):
- Chronological
- Thread