Niki Hammler wrote:
> Howard Chu wrote:
>> Niki Hammler wrote:
>> That's enough. The SSL library has obviously failed:
>>> TLS: error:140B512D:SSL routines:SSL_GET_NEW_SESSION:ssl session id
>>> callback failed ssl_sess.c:232
>> This failure indicates that the SSL library was unable to generate a
>> session ID for the session. Generating the session ID just requires
>> generating a single random number (and checking that the number hasn't
>> been used before). On a freshly started server, this should never fail.
>> Check the permissions of /dev/random and /dev/urandom on your virtual
>> server. Make sure they are readable by the openldap user.
>> No bug here, just a misconfigured system...
> Thank you very much!
> For strange reasons the /dev directory had 700 permissions (I saw that
> all VServers have these permissions by default).
> Thank you for this hint, I never would have guessed this as all the
> output did not contain any reference to /dev...
It might be worthwhile to submit a bug report to the OpenSSL folks, asking them
to log something useful when they fail to open /dev/random...
> Thank you, now everything works fine :-)
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
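
The permission check discussed in this thread, as an added example that is not part of the original messages or of OpenLDAP/OpenSSL: it walks every directory on the way to a device node and reports the first one whose mode bits deny the service account, which is how a mode-700 /dev hides an otherwise readable /dev/urandom. The function name `first_blocker` and its `base` parameter are hypothetical; only classic mode bits are evaluated (no ACLs, SELinux or AppArmor).

```python
import os

def _allowed(st, uid, gids, want):
    # The kernel applies exactly one permission class: owner, else group, else other.
    if st.st_uid == uid:
        shift = 6
    elif st.st_gid in gids:
        shift = 3
    else:
        shift = 0
    return bool((st.st_mode >> shift) & want)

def first_blocker(path, uid, gids, base=os.sep):
    """Return (component, reason) for the first path element that denies
    the given uid/gids, or None if the file at `path` is readable.
    Components above `base` are not checked (hypothetical helper)."""
    if uid == 0:
        return None  # root normally bypasses mode-bit checks
    path, base = os.path.abspath(path), os.path.abspath(base)
    chain = [path]
    while chain[-1] != base and os.path.dirname(chain[-1]) != chain[-1]:
        chain.append(os.path.dirname(chain[-1]))
    chain.reverse()  # e.g. "/", "/dev", "/dev/urandom"
    for directory in chain[:-1]:
        # Opening a file needs search (x) permission on every parent directory.
        if not _allowed(os.stat(directory), uid, gids, 0o1):
            return directory, "no search (x) permission on directory"
    if not _allowed(os.stat(path), uid, gids, 0o4):
        return path, "no read (r) permission"
    return None

if __name__ == "__main__":
    import pwd
    user = "openldap"  # account name as given in the thread; adjust locally
    pw = pwd.getpwnam(user)
    gids = set(os.getgrouplist(user, pw.pw_gid))
    for dev in ("/dev/random", "/dev/urandom"):
        print(dev, first_blocker(dev, pw.pw_uid, gids) or "readable")
```

Run as a script, it prints either `readable` or the blocking component for each device, so a restrictive parent directory shows up even when the device node itself is world-readable.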