What version are you running? ITS#4583 often manifested itself with this message. Upgrade to the latest 2.3 OpenLDAP release (bumping up OpenSSL while you're at it might be a good idea too), and if you're still having this issue you can turn up slapd/ldapsearch debugging, post config files, etc.
On Mon, 16 Jul 2007, sridhar varadarajan wrote:
Hello freinds, This is Sri.i have a encountered a problem while tring to work with ldapsearch on port 636 .. though slapd in my server system is listening to both 636 & 389 ports. my server is configured in LINUX machine while my client is SOLARIS machine. i have added these lines to slapd.conf :(path of my server and client certificates) and ldap.conf with( HOST rsasol1 ,PORT 636). (FYI::but ldapsearch is working fine with 389 port.) rsasol1 is hostname of my machine. it throws an error: *can`t contact ldapserver(-1)*
addiditionalinfo:error:140943FC:SSL routines:SSL#_READ_BYTES:sslv3 laert bad record mac*
can any one of us help me in this issue.
thanks in advance
with regards, sri.