I spent some more time debugging, and here is some additional info. I ran slapd with debugging again ('-d 7' to match the previous ldapsearch debug output), and this time I spotted something that I must have missed before.
In the interest of space, I removed the pages-upon-pages of output generated from parsing the schema files. The first line in the attached debug output is when slapd is opening the Certificate Authority's public cert. I've also inserted some blank lines and comments (started with a # character) into the debug output to show relevant events. Toward the end, there are error messages about: "TLS trace: SSL_accept:error in SSLv3 read client certificate A" and "TLS: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate s3_srvr.c:2455" This supports the web searches that tied ldapsearch's error of "error:14094410:SSL" to client certificates. But as previously stated, I have "TLSVerifyClient never" specified in my slapd.conf (maybe it's not being respected when running as non-root though). Anyway, I hope this helps in tracking down the problem. As always, if there is any additional info I can provide that would help, just let me know.
... open("/etc/ssl/certs/misumasu.dyndns.org_CA.pem", O_RDONLY) = 12 fstat(12, {st_mode=S_IFREG|0644, st_size=1094, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2abf18550000 read(12, "-----BEGIN CERTIFICATE-----\nMIIC"..., 4096) = 1094 read(12, "", 4096) = 0 close(12) = 0 munmap(0x2abf18550000, 4096) = 0 open("/usr/lib/ssl/cert.pem", O_RDONLY) = -1 ENOENT (No such file or directory) open("/etc/ssl/certs/misumasu.dyndns.org_CA.pem", O_RDONLY) = 12 fstat(12, {st_mode=S_IFREG|0644, st_size=1094, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2abf18550000 read(12, "-----BEGIN CERTIFICATE-----\nMIIC"..., 4096) = 1094 read(12, "", 4096) = 0 close(12) = 0 munmap(0x2abf18550000, 4096) = 0 open("/etc/ldap/private/ldap.misumasu.dyndns.org.pem", O_RDONLY) = 12 fstat(12, {st_mode=S_IFREG|0640, st_size=887, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2abf18550000 read(12, "-----BEGIN RSA PRIVATE KEY-----\n"..., 4096) = 887 close(12) = 0 munmap(0x2abf18550000, 4096) = 0 open("/etc/ssl/certs/ldap.misumasu.dyndns.org.pem", O_RDONLY) = 12 fstat(12, {st_mode=S_IFREG|0644, st_size=1131, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2abf18550000 read(12, "-----BEGIN CERTIFICATE-----\nMIID"..., 4096) = 1131 close(12) = 0 munmap(0x2abf18550000, 4096) = 0 rt_sigaction(SIGUSR1, {0x41e850, [], SA_RESTORER|SA_RESTART, 0x2abf16f4f500}, {SIG_DFL}, 8) = 0 rt_sigaction(SIGUSR2, {0x41e870, [], SA_RESTORER|SA_RESTART, 0x2abf16f4f500}, {SIG_DFL}, 8) = 0 rt_sigaction(SIGPIPE, {SIG_IGN}, {SIG_DFL}, 8) = 0 rt_sigaction(SIGHUP, {0x41e870, [], SA_RESTORER|SA_RESTART, 0x2abf16f4f500}, {SIG_DFL}, 8) = 0 rt_sigaction(SIGINT, {0x41e870, [], SA_RESTORER|SA_RESTART, 0x2abf16f4f500}, {SIG_DFL}, 8) = 0 rt_sigaction(SIGTERM, {0x41e870, [], SA_RESTORER|SA_RESTART, 0x2abf16f4f500}, {SIG_DFL}, 8) = 0 rt_sigaction(SIGTRAP, {0x41e870, [], SA_RESTORER|SA_RESTART, 0x2abf16f4f500}, {SIG_DFL}, 8) = 0 rt_sigaction(SIGCHLD, {0x411530, [], SA_RESTORER|SA_RESTART, 0x2abf16f4f500}, {SIG_DFL}, 8) = 0 rt_sigaction(SIGPIPE, {SIG_IGN}, {SIG_IGN}, 8) = 0 open("/var/run/slapd/slapd.pid", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 12 fstat(12, {st_mode=S_IFREG|0644, st_size=0, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2abf18550000 write(12, "24540\n", 6) = 6 close(12) = 0 munmap(0x2abf18550000, 4096) = 0 open("/var/run/slapd/slapd.args", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 12 fstat(12, {st_mode=S_IFREG|0644, st_size=0, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2abf18550000 write(12, "/usr/sbin/slapd -h ldap://127.0."..., 182) = 182 close(12) = 0 munmap(0x2abf18550000, 4096) = 0 time([1155086433]) = 1155086433 write(2, "slapd startup: initiated.\n", 26slapd startup: initiated. ) = 26 write(2, "backend_startup_one: starting \"c"..., 42backend_startup_one: starting "cn=config" ) = 42 write(2, "config_back_db_open\n", 20config_back_db_open ) = 20 write(2, "config_build_entry: \"cn=config\"\n", 32config_build_entry: "cn=config" ) = 32 write(2, "config_build_entry: \"cn=include{"..., 36config_build_entry: "cn=include{0}" ) = 36 write(2, "config_build_entry: \"cn=include{"..., 36config_build_entry: "cn=include{1}" ) = 36 write(2, "config_build_entry: \"cn=include{"..., 36config_build_entry: "cn=include{2}" ) = 36 write(2, "config_build_entry: \"cn=include{"..., 36config_build_entry: "cn=include{3}" ) = 36 write(2, "config_build_entry: \"cn=include{"..., 36config_build_entry: "cn=include{4}" ) = 36 write(2, "config_build_entry: \"cn=module{0"..., 35config_build_entry: "cn=module{0}" ) = 35 write(2, "config_build_entry: \"cn=schema\"\n", 32config_build_entry: "cn=schema" ) = 32 brk(0x6b3000) = 0x6b3000 write(2, "config_build_entry: \"cn={0}core\""..., 33config_build_entry: "cn={0}core" ) = 33 write(2, "config_build_entry: \"cn={1}cosin"..., 35config_build_entry: "cn={1}cosine" ) = 35 write(2, "config_build_entry: \"cn={2}nis\"\n", 32config_build_entry: "cn={2}nis" ) = 32 write(2, "config_build_entry: \"cn={3}ineto"..., 42config_build_entry: "cn={3}inetorgperson" ) = 42 write(2, "config_build_entry: \"cn={4}samba"..., 34config_build_entry: "cn={4}samba" ) = 34 write(2, "config_build_entry: \"olcDatabase"..., 47config_build_entry: "olcDatabase={-1}frontend" ) = 47 write(2, "config_build_entry: \"olcDatabase"..., 44config_build_entry: "olcDatabase={0}config" ) = 44 write(2, "config_build_entry: \"olcDatabase"..., 41config_build_entry: "olcDatabase={1}bdb" ) = 41 open("/var/lib/ldap/DB_CONFIG", O_RDONLY) = 12 fstat(12, {st_mode=S_IFREG|0644, st_size=96, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2abf18550000 read(12, "set_cachesize 0 2097152 0\nset_lk"..., 4096) = 96 read(12, "", 4096) = 0 close(12) = 0 munmap(0x2abf18550000, 4096) = 0 write(2, "backend_startup_one: starting \"d"..., 61backend_startup_one: starting "dc=misumasu,dc=dyndns,dc=org" ) = 61 write(2, "bdb_db_open: dc=misumasu,dc=dynd"..., 42bdb_db_open: dc=misumasu,dc=dyndns,dc=org ) = 42 stat("/var/lib/ldap", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0 time(NULL) = 1155086433 open("/var/lib/ldap/alock", O_RDWR|O_CREAT, 0666) = 12 lseek(12, 0, SEEK_SET) = 0 fcntl(12, F_SETLKW, {type=F_WRLCK, whence=SEEK_CUR, start=0, len=1024}) = 0 fstat(12, {st_mode=S_IFREG|0644, st_size=2048, ...}) = 0 lseek(12, 1024, SEEK_SET) = 1024 read(12, "xV4\22\0\0\0\0\0\0\0\0\0\0\0\0\0328\331D\0\0\0\0\326_\0"..., 1024) = 1024 lseek(12, 1024, SEEK_SET) = 1024 fcntl(12, F_SETLKW, {type=F_WRLCK, whence=SEEK_CUR, start=0, len=1024}) = 0 lseek(12, 1024, SEEK_SET) = 1024 write(12, "xV4\22\0\0\0\0\2\0\0\0\0\0\0\0a8\331D\0\0\0\0\334_\0\0"..., 1024) = 1024 lseek(12, 0, SEEK_SET) = 0 fcntl(12, F_SETLK, {type=F_UNLCK, whence=SEEK_CUR, start=0, len=1024}) = 0 stat("/var/lib/ldap/DB_CONFIG", {st_mode=S_IFREG|0644, st_size=96, ...}) = 0 stat("/var/lib/ldap/__db.001", {st_mode=S_IFREG|0600, st_size=8192, ...}) = 0 open("/etc/mtab", O_RDONLY) = 13 fstat(13, {st_mode=S_IFREG|0644, st_size=1102, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2abf18550000 read(13, "/dev/hda2 / xfs rw 0 0\nproc /pro"..., 4096) = 1102 close(13) = 0 munmap(0x2abf18550000, 4096) = 0 open("/proc/stat", O_RDONLY) = 13 fstat(13, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2abf18550000 read(13, "cpu 74236 6923 121402 47857053 "..., 1024) = 774 read(13, "", 1024) = 0 close(13) = 0 munmap(0x2abf18550000, 4096) = 0 write(2, "bdb_db_open: dbenv_open(/var/lib"..., 39bdb_db_open: dbenv_open(/var/lib/ldap) ) = 39 stat("/var/lib/ldap/DB_CONFIG", {st_mode=S_IFREG|0644, st_size=96, ...}) = 0 open("/var/lib/ldap/DB_CONFIG", O_RDONLY) = 13 fstat(13, {st_mode=S_IFREG|0644, st_size=96, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2abf18550000 read(13, "set_cachesize 0 2097152 0\nset_lk"..., 4096) = 96 read(13, "", 4096) = 0 close(13) = 0 munmap(0x2abf18550000, 4096) = 0 stat("/var/tmp", {st_mode=S_IFDIR|S_ISVTX|0777, st_size=23, ...}) = 0 stat("/var/lib/ldap/__db.001", {st_mode=S_IFREG|0600, st_size=8192, ...}) = 0 open("/var/lib/ldap/__db.001", O_RDWR|O_CREAT|O_EXCL, 0600) = -1 EEXIST (File exists) open("/var/lib/ldap/__db.001", O_RDWR|O_CREAT|O_EXCL, 0600) = -1 EEXIST (File exists) open("/var/lib/ldap/__db.001", O_RDWR|O_CREAT|O_EXCL, 0600) = -1 EEXIST (File exists) open("/var/lib/ldap/__db.001", O_RDWR) = 13 fcntl(13, F_SETFD, FD_CLOEXEC) = 0 fstat(13, {st_mode=S_IFREG|0600, st_size=8192, ...}) = 0 close(13) = 0 open("/var/lib/ldap/__db.001", O_RDWR) = 13 fcntl(13, F_SETFD, FD_CLOEXEC) = 0 mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_SHARED, 13, 0) = 0x2abf18550000 close(13) = 0 stat("/var/lib/ldap/__db.002", {st_mode=S_IFREG|0600, st_size=2629632, ...}) = 0 open("/var/lib/ldap/__db.002", O_RDWR|O_CREAT, 0600) = 13 fcntl(13, F_SETFD, FD_CLOEXEC) = 0 mmap(NULL, 2629632, PROT_READ|PROT_WRITE, MAP_SHARED, 13, 0) = 0x2abf18da3000 close(13) = 0 stat("/var/lib/ldap/__db.003", {st_mode=S_IFREG|0600, st_size=98304, ...}) = 0 open("/var/lib/ldap/__db.003", O_RDWR|O_CREAT, 0600) = 13 fcntl(13, F_SETFD, FD_CLOEXEC) = 0 mmap(NULL, 98304, PROT_READ|PROT_WRITE, MAP_SHARED, 13, 0) = 0x2abf19025000 close(13) = 0 stat("/var/lib/ldap/__db.004", {st_mode=S_IFREG|0600, st_size=868352, ...}) = 0 open("/var/lib/ldap/__db.004", O_RDWR|O_CREAT, 0600) = 13 fcntl(13, F_SETFD, FD_CLOEXEC) = 0 mmap(NULL, 868352, PROT_READ|PROT_WRITE, MAP_SHARED, 13, 0) = 0x2abf1903d000 close(13) = 0 stat("/var/lib/ldap/__db.005", {st_mode=S_IFREG|0600, st_size=24576, ...}) = 0 open("/var/lib/ldap/__db.005", O_RDWR|O_CREAT, 0600) = 13 fcntl(13, F_SETFD, FD_CLOEXEC) = 0 mmap(NULL, 24576, PROT_READ|PROT_WRITE, MAP_SHARED, 13, 0) = 0x2abf19111000 close(13) = 0 stat("/var/lib/ldap/id2entry.bdb", {st_mode=S_IFREG|0600, st_size=65536, ...}) = 0 stat("/var/lib/ldap/id2entry.bdb", {st_mode=S_IFREG|0600, st_size=65536, ...}) = 0 open("/var/lib/ldap/id2entry.bdb", O_RDWR) = 13 fcntl(13, F_SETFD, FD_CLOEXEC) = 0 read(13, "[EMAIL PROTECTED]"..., 512) = 512 close(13) = 0 stat("/var/lib/ldap/id2entry.bdb", {st_mode=S_IFREG|0600, st_size=65536, ...}) = 0 open("/var/lib/ldap/id2entry.bdb", O_RDWR) = 13 fcntl(13, F_SETFD, FD_CLOEXEC) = 0 fstat(13, {st_mode=S_IFREG|0600, st_size=65536, ...}) = 0 time(NULL) = 1155086433 stat("/var/lib/ldap/dn2id.bdb", {st_mode=S_IFREG|0600, st_size=16384, ...}) = 0 stat("/var/lib/ldap/dn2id.bdb", {st_mode=S_IFREG|0600, st_size=16384, ...}) = 0 open("/var/lib/ldap/dn2id.bdb", O_RDWR) = 14 fcntl(14, F_SETFD, FD_CLOEXEC) = 0 read(14, "\1\0\0\0\356\271\6\0\0\0\0\0b1\5\0\t\0\0\0\0\20\0\0\0\t"..., 512) = 512 close(14) = 0 stat("/var/lib/ldap/dn2id.bdb", {st_mode=S_IFREG|0600, st_size=16384, ...}) = 0 open("/var/lib/ldap/dn2id.bdb", O_RDWR) = 14 fcntl(14, F_SETFD, FD_CLOEXEC) = 0 fstat(14, {st_mode=S_IFREG|0600, st_size=16384, ...}) = 0 time(NULL) = 1155086433 write(2, "slapd starting\n", 15slapd starting ) = 15 mmap(NULL, 651264, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2abf19117000 mmap(NULL, 8392704, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS|0x40, -1, 0) = 0x40000000 mprotect(0x40000000, 4096, PROT_NONE) = 0 clone(child_stack=0x40800280, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID|CLONE_DETACHED, parent_tidptr=0x408009f0, tls=0x40800960, child_tidptr=0x408009f0) = 24541 futex(0x408009f0, FUTEX_WAIT, 24541, NULL # slapd is now waiting for a client to connect. # I run ldapsearch to connect to port 389+starttls. ldap_pvt_gethostbyname_a: host=server, r=0 connection_get(15) connection_get(15): got connid=0 connection_read(15): checking for input on id=0 ber_get_next ldap_read: want=8, got=8 0000: 30 1d 02 01 01 77 18 80 0....w.. ldap_read: want=23, got=23 0000: 16 31 2e 33 2e 36 2e 31 2e 34 2e 31 2e 31 34 36 .1.3.6.1.4.1.146 0010: 36 2e 32 30 30 33 37 6.20037 ber_get_next: tag 0x30 len 29 contents: ber_get_next ldap_read: want=8 error=Resource temporarily unavailable ber_get_next on fd 15 failed errno=11 (Resource temporarily unavailable) do_extended ber_scanf fmt ({m) ber: do_extended: oid=1.3.6.1.4.1.1466.20037 send_ldap_extended: err=0 oid= len=0 send_ldap_response: msgid=1 tag=120 err=0 ber_flush: 14 bytes to sd 15 0000: 30 0c 02 01 01 78 07 0a 01 00 04 00 04 00 0....x........ ldap_write: want=14, written=14 0000: 30 0c 02 01 01 78 07 0a 01 00 04 00 04 00 0....x........ connection_get(15) connection_get(15): got connid=0 connection_read(15): checking for input on id=0 TLS trace: SSL_accept:before/accept initialization tls_read: want=11, got=11 0000: 16 03 01 00 44 01 00 00 40 03 01 [EMAIL PROTECTED] tls_read: want=62, got=62 0000: 44 d9 38 65 17 bf 28 7d 4a 48 80 68 b1 9b d6 7b D.8e..(}JH.h...{ 0010: 04 64 ee c3 5e 15 2c 93 9e 94 92 f9 e1 45 c9 db .d..^.,......E.. 0020: 00 00 18 00 33 00 16 00 39 00 2f 00 0a 00 35 00 ....3...9./...5. 0030: 05 00 04 00 32 00 13 00 38 00 66 02 01 00 ....2...8.f... TLS trace: SSL_accept:SSLv3 read client hello A TLS trace: SSL_accept:SSLv3 write server hello A TLS trace: SSL_accept:SSLv3 write certificate A TLS trace: SSL_accept:SSLv3 write certificate request A tls_write: want=1821, written=1821 0000: 16 03 01 00 4a 02 00 00 46 03 01 44 d9 38 65 22 ....J...F..D.8e" 0010: 6c 2e d9 11 99 70 49 f3 98 68 32 77 cb 15 59 1e l....pI..h2w..Y. 0020: 01 c7 7b 04 7f 2b 9a 08 e0 5d f0 20 d1 1d 4e 87 ..{..+...]. ..N. 0030: e6 45 ee dd 45 dd dd b9 ae 25 24 15 80 97 eb cb .E..E....%$..... 0040: e9 2a 71 3b ca 14 c6 80 9c ba a8 2f 00 2f 01 16 .*q;......././.. 0050: 03 01 06 28 0b 00 06 24 00 06 21 00 03 1b 30 82 ...(...$..!...0. 0060: 03 17 30 82 02 82 a0 03 02 01 02 02 01 02 30 0b ..0...........0. 0070: 06 09 2a 86 48 86 f7 0d 01 01 05 30 81 89 31 0b ..*.H......0..1. 0080: 30 09 06 03 55 04 06 13 02 55 53 31 11 30 0f 06 0...U....US1.0.. 0090: 03 55 04 0a 13 08 6d 69 73 75 6d 61 73 75 31 1e .U....misumasu1. 00a0: 30 1c 06 03 55 04 0b 13 15 43 65 72 74 69 66 69 0...U....Certifi 00b0: 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 31 14 cate Authority1. 00c0: 30 12 06 03 55 04 07 13 0b 41 6c 62 75 71 75 65 0...U....Albuque 00d0: 72 71 75 65 31 13 30 11 06 03 55 04 08 13 0a 4e rque1.0...U....N 00e0: 65 77 20 4d 65 78 69 63 6f 31 1c 30 1a 06 03 55 ew Mexico1.0...U 00f0: 04 03 13 13 6d 69 73 75 6d 61 73 75 2e 64 79 6e ....misumasu.dyn 0100: 64 6e 73 2e 6f 72 67 30 1e 17 0d 30 36 30 31 32 dns.org0...06012 0110: 32 31 38 30 32 35 39 5a 17 0d 31 36 30 31 32 30 2180259Z..160120 0120: 31 38 30 32 35 39 5a 30 81 84 31 0b 30 09 06 03 180259Z0..1.0... 0130: 55 04 06 13 02 55 53 31 11 30 0f 06 03 55 04 0a U....US1.0...U.. 0140: 13 08 6d 69 73 75 6d 61 73 75 31 14 30 12 06 03 ..misumasu1.0... 0150: 55 04 0b 13 0b 4c 44 41 50 20 53 65 72 76 65 72 U....LDAP Server 0160: 31 14 30 12 06 03 55 04 07 13 0b 41 6c 62 75 71 1.0...U....Albuq 0170: 75 65 72 71 75 65 31 13 30 11 06 03 55 04 08 13 uerque1.0...U... 0180: 0a 4e 65 77 20 4d 65 78 69 63 6f 31 21 30 1f 06 .New Mexico1!0.. 0190: 03 55 04 03 13 18 6c 64 61 70 2e 6d 69 73 75 6d .U....ldap.misum 01a0: 61 73 75 2e 64 79 6e 64 6e 73 2e 6f 72 67 30 81 asu.dyndns.org0. 01b0: 9c 30 0b 06 09 2a 86 48 86 f7 0d 01 01 01 03 81 .0...*.H........ 01c0: 8c 00 30 81 88 02 81 80 b6 32 ef 73 0e 50 9a 1a ..0......2.s.P.. 01d0: dd 7f 72 c8 59 dc fa 1e 6f 5f 7b ab 19 98 58 f2 ..r.Y...o_{...X. 01e0: 3a 0c 91 ac f3 06 18 a0 10 b4 d7 3e 69 94 ae 5d :..........>i..] 01f0: 24 62 9d e0 3d 53 1b 9e c3 ef 4a 24 aa 9c 0d ae $b..=S....J$.... 0200: 5a ba 3b 5c a6 6f ab 1b f6 08 af 12 5c 4e 9e cd Z.;\.o......\N.. 0210: 4a 4d a2 f6 7f fe 27 6f b1 be 87 c8 4a bc 57 80 JM....'o....J.W. 0220: e1 e2 67 c3 e5 76 c5 97 73 4c 25 19 77 1d 6f 49 ..g..v..sL%.w.oI 0230: 38 ac a4 3b 4d fb aa 80 fe 36 14 c7 94 e2 47 3b 8..;M....6....G; 0240: dd 25 f5 79 8d 44 7e cb 02 03 01 00 01 a3 81 98 .%.y.D~......... 0250: 30 81 95 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 0..0...U.......0 0260: 00 30 0f 06 03 55 1d 0f 01 01 ff 04 05 03 03 07 .0...U.......... 0270: a0 00 30 1d 06 03 55 1d 0e 04 16 04 14 a6 48 7b ..0...U.......H{ 0280: 6c 98 61 44 ba 45 00 97 58 a1 bb 2c a2 b6 8a 5e l.aD.E..X..,...^ 0290: 83 30 1f 06 03 55 1d 23 04 18 30 16 80 14 c2 af .0...U.#..0..... 02a0: 43 48 07 fb 8b 76 14 9a ab 17 f7 b1 0e a5 28 4b CH...v........(K 02b0: df 9f 30 34 06 03 55 1d 1f 04 2d 30 2b 30 29 a0 ..04..U...-0+0). 02c0: 27 a0 25 86 23 68 74 74 70 3a 2f 2f 77 77 77 2e '.%.#http://www. 02d0: 6d 69 73 75 6d 61 73 75 2e 64 79 6e 64 6e 73 2e misumasu.dyndns. 02e0: 6f 72 67 2f 63 72 6c 2f 30 0b 06 09 2a 86 48 86 org/crl/0...*.H. 02f0: f7 0d 01 01 05 03 81 81 00 21 9c 74 35 1c 11 eb .........!.t5... 0300: 15 4b 1d cd c4 2d 9e 37 f5 3e 6c e8 b6 b1 b6 41 .K...-.7.>l....A 0310: 46 1d a4 94 d3 aa d8 98 8a 50 48 75 e8 84 ce 2f F........PHu.../ 0320: c3 d6 5c 0c 70 8a 27 87 08 e3 61 7f a0 b4 dc a6 ..\.p.'...a..... 0330: af 36 82 cb 63 cb 31 db fc b8 ba 47 f7 23 c8 83 .6..c.1....G.#.. 0340: 84 9c a1 cd 7c 61 cd 6e 77 99 34 c7 e3 3e fe 7f ....|a.nw.4..>.. 0350: 6a ee 89 9e 90 3d 51 58 23 8e c9 ad 47 99 e8 35 j....=QX#...G..5 0360: 78 cd 1c ea 3e 13 52 ff ff 7e 12 26 64 c6 f0 f2 x...>.R..~.&d... 0370: 88 bb 3f fe 09 99 7a ce 46 00 03 00 30 82 02 fc ..?...z.F...0... 0380: 30 82 02 67 a0 03 02 01 02 02 01 01 30 0b 06 09 0..g........0... 0390: 2a 86 48 86 f7 0d 01 01 05 30 81 89 31 0b 30 09 *.H......0..1.0. 03a0: 06 03 55 04 06 13 02 55 53 31 11 30 0f 06 03 55 ..U....US1.0...U 03b0: 04 0a 13 08 6d 69 73 75 6d 61 73 75 31 1e 30 1c ....misumasu1.0. 03c0: 06 03 55 04 0b 13 15 43 65 72 74 69 66 69 63 61 ..U....Certifica 03d0: 74 65 20 41 75 74 68 6f 72 69 74 79 31 14 30 12 te Authority1.0. 03e0: 06 03 55 04 07 13 0b 41 6c 62 75 71 75 65 72 71 ..U....Albuquerq 03f0: 75 65 31 13 30 11 06 03 55 04 08 13 0a 4e 65 77 ue1.0...U....New 0400: 20 4d 65 78 69 63 6f 31 1c 30 1a 06 03 55 04 03 Mexico1.0...U.. 0410: 13 13 6d 69 73 75 6d 61 73 75 2e 64 79 6e 64 6e ..misumasu.dyndn 0420: 73 2e 6f 72 67 30 1e 17 0d 30 36 30 31 32 32 31 s.org0...0601221 0430: 37 34 35 30 38 5a 17 0d 31 36 30 31 32 32 31 37 74508Z..16012217 0440: 34 35 30 38 5a 30 81 89 31 0b 30 09 06 03 55 04 4508Z0..1.0...U. 0450: 06 13 02 55 53 31 11 30 0f 06 03 55 04 0a 13 08 ...US1.0...U.... 0460: 6d 69 73 75 6d 61 73 75 31 1e 30 1c 06 03 55 04 misumasu1.0...U. 0470: 0b 13 15 43 65 72 74 69 66 69 63 61 74 65 20 41 ...Certificate A 0480: 75 74 68 6f 72 69 74 79 31 14 30 12 06 03 55 04 uthority1.0...U. 0490: 07 13 0b 41 6c 62 75 71 75 65 72 71 75 65 31 13 ...Albuquerque1. 04a0: 30 11 06 03 55 04 08 13 0a 4e 65 77 20 4d 65 78 0...U....New Mex 04b0: 69 63 6f 31 1c 30 1a 06 03 55 04 03 13 13 6d 69 ico1.0...U....mi 04c0: 73 75 6d 61 73 75 2e 64 79 6e 64 6e 73 2e 6f 72 sumasu.dyndns.or 04d0: 67 30 81 9c 30 0b 06 09 2a 86 48 86 f7 0d 01 01 g0..0...*.H..... 04e0: 01 03 81 8c 00 30 81 88 02 81 80 e0 23 40 8e 3b [EMAIL PROTECTED]; 04f0: 60 e9 4a 8f 27 74 47 a6 d4 53 73 d7 7d 2b e7 11 `.J.'tG..Ss.}+.. 0500: 10 f2 db 58 e2 09 fe 37 17 29 97 d2 93 76 8a 7b ...X...7.)...v.{ 0510: fa db c2 2b 96 bb f9 10 af eb 3e 67 c5 78 aa 96 ...+......>g.x.. 0520: b7 36 3c e1 3c e5 25 8b c7 bf e6 1c 8b 5a 85 bb .6<.<.%......Z.. 0530: f0 a1 5b 94 9d 3b 45 34 c4 96 16 1f e5 5c 69 d4 ..[..;E4.....\i. 0540: 59 95 7f 80 75 ae b1 65 ae d2 5b 7b 59 02 68 7e Y...u..e..[{Y.h~ 0550: 2f 25 1a 93 a5 56 e3 09 2d 17 f1 c0 44 72 34 56 /%...V..-...Dr4V 0560: da ca 95 0e e3 a1 52 25 8b 2f 63 02 03 01 00 01 ......R%./c..... 0570: a3 79 30 77 30 0f 06 03 55 1d 13 01 01 ff 04 05 .y0w0...U....... 0580: 30 03 01 01 ff 30 0f 06 03 55 1d 0f 01 01 ff 04 0....0...U...... 0590: 05 03 03 07 06 00 30 1d 06 03 55 1d 0e 04 16 04 ......0...U..... 05a0: 14 c2 af 43 48 07 fb 8b 76 14 9a ab 17 f7 b1 0e ...CH...v....... 05b0: a5 28 4b df 9f 30 34 06 03 55 1d 1f 04 2d 30 2b .(K..04..U...-0+ 05c0: 30 29 a0 27 a0 25 86 23 68 74 74 70 3a 2f 2f 77 0).'.%.#http://w 05d0: 77 77 2e 6d 69 73 75 6d 61 73 75 2e 64 79 6e 64 ww.misumasu.dynd 05e0: 6e 73 2e 6f 72 67 2f 63 72 6c 2f 30 0b 06 09 2a ns.org/crl/0...* 05f0: 86 48 86 f7 0d 01 01 05 03 81 81 00 13 4b 65 88 .H...........Ke. 0600: 1a 74 79 11 3f 3b ff a8 90 33 95 11 62 56 98 73 .ty.?;...3..bV.s 0610: cb d5 2f a0 ef be c7 ea a6 36 13 db 80 45 1f 5e ../......6...E.^ 0620: a8 aa c2 d4 cf bd 50 5a 4c ab 67 99 23 77 74 00 ......PZL.g.#wt. 0630: e4 2a 3c 47 ea c4 e3 e9 3a 07 fb 7e c1 1a 12 30 .*<G....:..~...0 0640: 97 25 58 9f 8c 0f a2 59 76 3b cd 10 96 c8 c5 f1 .%X....Yv;...... 0650: 0c c4 04 a3 a6 c4 81 fd 5e 19 00 5c 69 3b f6 de ........^..\i;.. 0660: 0f 44 5a 5e ea 64 58 62 0f 87 64 1c e1 e5 35 34 .DZ^.dXb..d...54 0670: 70 34 89 5b b8 79 cd fe 12 01 51 57 16 03 01 00 p4.[.y....QW.... 0680: 9c 0d 00 00 94 03 01 02 40 00 8e 00 8c 30 81 89 [EMAIL PROTECTED] 0690: 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 11 30 1.0...U....US1.0 06a0: 0f 06 03 55 04 0a 13 08 6d 69 73 75 6d 61 73 75 ...U....misumasu 06b0: 31 1e 30 1c 06 03 55 04 0b 13 15 43 65 72 74 69 1.0...U....Certi 06c0: 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74 79 ficate Authority 06d0: 31 14 30 12 06 03 55 04 07 13 0b 41 6c 62 75 71 1.0...U....Albuq 06e0: 75 65 72 71 75 65 31 13 30 11 06 03 55 04 08 13 uerque1.0...U... 06f0: 0a 4e 65 77 20 4d 65 78 69 63 6f 31 1c 30 1a 06 .New Mexico1.0.. 0700: 03 55 04 03 13 13 6d 69 73 75 6d 61 73 75 2e 64 .U....misumasu.d 0710: 79 6e 64 6e 73 2e 6f 72 67 0e 00 00 00 yndns.org.... TLS trace: SSL_accept:SSLv3 flush data tls_read: want=5 error=Resource temporarily unavailable TLS trace: SSL_accept:error in SSLv3 read client certificate A TLS trace: SSL_accept:error in SSLv3 read client certificate A connection_get(15) connection_get(15): got connid=0 connection_read(15): checking for input on id=0 tls_read: want=5, got=5 0000: 16 03 01 00 07 ..... tls_read: want=7, got=7 0000: 0b 00 00 03 00 00 00 ....... tls_write: want=7, written=7 0000: 15 03 01 00 02 02 28 ......( TLS trace: SSL3 alert write:fatal:handshake failure TLS trace: SSL_accept:error in SSLv3 read client certificate B TLS: can't accept. TLS: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate s3_srvr.c:2455 connection_read(15): TLS accept failure error=-1 id=0, closing connection_closing: readying conn=0 sd=15 for close connection_close: conn=0 sd=15 # slapd is now waiting for a client to connect. # I hit ctrl-c to kill slapd and end the capture. <unfinished ...> daemon: shutdown requested and initiated. slapd shutdown: waiting for 0 threads to terminate slapd shutdown: initiated ====> bdb_cache_release_all slapd destroy: freeing system resources. slapd stopped.