--On Friday, October 17, 2008 6:21 PM +0200 Mayer Gabor
<[EMAIL PROTECTED]> wrote:
Package: libldap-2.4-2
Version: 2.4.11-1
Severity: normal
server slapd.conf:
TLSCACertificateFile /etc/ldap/server.crt
TLSCertificateFile /etc/ldap/server.crt
TLSCertificateKeyFile /etc/ldap/server.key
TLSVerifyClient true
client ldap.conf:
BASE dc=example,dc=org
URI ldaps://ldap.example.org
TLS_CACERT /etc/ldap/server.crt
TLS_CERT /etc/ldap/server.crt
TLS_KEY /etc/ldap/server.key
client log:
ldapsearch -d 255 -x
TLS: can't connect: A TLS fatal alert has been received..
ldap_err2string
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
server log:
TLS trace: SSL3 alert write:fatal:handshake failure
TLS trace: SSL_accept:error in SSLv3 read client certificate B
TLS: can't accept.
TLS: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not
return a certificate s3_srvr.c:2455
So you attempted to connect to a server that it couldn't contact, and that
server didn't return a cert (since it can't be contacted). What exactly is
the bug here?
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
