https://bugs.openldap.org/show_bug.cgi?id=9732
Issue ID: 9732
Summary: OpenLDAP TLS ciphersuite and groups limit issue
Product: OpenLDAP
Version: 2.4.54
Hardware: x86_64
OS: Linux
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: slapd
Assignee: bugs@openldap.org
Reporter: narayananballem@gmail.com
Target Milestone: ---

Hi Team,
Hope you can help with this issue. I am trying to disable SSLv3 on OpenLDAP servers. We are using OpenLDAP as a proxy with upstream Active Directory servers. We are using CA certs on this openssl. We would like to disable SSLv3. I added the below entry to slapd.conf, but when I tried to start slapd it's failing to start.
TLSCipherSuite HIGH:MEDIUM:!SSLv2:!SSLV3
Errors as below:
slapd[19899]: main: TLS init def ctx failed: -1
slapd[19899]: slapd stopped.
slapd[19899]: connections_destroy: nothing to destroy.
Debug logs from restart as below:
TLS: could not set cipher list HIGH:MEDIUM:!SSLv2:!SSLV3.
617c64c1 main: TLS init def ctx failed: -1
617c64c1 slapd stopped.
Also, did anybody notice this issue? I am facing an issue with group display. We have several users in a group; while looking for groups in getent group, we are seeing a few groups. Not sure if there is any limit on the group field in the database.