At 02:07 AM 1/21/2007, Jean-Yves Avenard wrote:
Other clients seem to work well over SSL. I am missing something in the slapd.conf?
Given other clients seem to work well using ldaps://, it seems more likely that this particular client is not properly configured or is otherwise flawed.
conn=14 fd=14 ACCEPT from IP=124.168.139.185:50884 (IP=0.0.0.0:636) TLS: can't accept. TLS: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown
I guess that the client is configured to use ldap://server:636 not ldaps://server:636.
Kurt
Hi
On 1/22/07, Kurt D. Zeilenga Kurt@openldap.org wrote:
Given other clients seem to work well using ldaps://, it seems more likely that this particular client is not properly configured or is otherwise flawed.
Unfortunately, I have no play on how to configure this client as this is one major one ! Actually, two quite common do not work with OpenLDAP over SSL :( But they will work fine over a non encrypted link
I guess that the client is configured to use ldap://server:636 not ldaps://server:636.
That was my guess also. I there anything I can do on the server side to get over the flaw of broken clients ?
Thank you Jean-Yves
openldap-software@openldap.org
-
Jean-Yves Avenard -
Kurt D. Zeilenga