Hi.
I am trying to get a client to connect over SSL.
An ldapsearch works on Linux using SSL; however, when this specific client (which I can't name here for some reasons!) tried to access it, I get the following error in OpenLDAP:
conn=14 fd=14 ACCEPT from IP=124.168.139.185:50884 (IP=0.0.0.0:636)
TLS: can't accept.
TLS: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol s23_srvr.c:562
conn=14 fd=14 closed (TLS negotiation failure)
conn=9 op=3 BIND dn="" method=128
conn=9 op=3 RESULT tag=97 err=0 text=
conn=9 op=4 UNBIND
conn=9 fd=13 closed
Other clients seem to work well over SSL. Am I missing something in the slapd.conf? The SSL-related configuration I have is:
TLSCipherSuite HIGH:MEDIUM:+SSLv2
TLSCertificateFile /usr/local/etc/openldap/cert.pem
TLSCertificateKeyFile /usr/local/etc/openldap/cert.pem
TLSCACertificateFile /usr/local/etc/openldap/ca-bundle.crt
TLSVerifyClient allow
Somebody posted a similar question last year on this distribution list; however, he didn't get any answers. I was hopeful this is a common issue.
Thank you,
Jean-Yves
openldap-software@openldap.org
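Added example, not part of the original post: OpenSSL reports `SSL23_GET_CLIENT_HELLO:unknown protocol` when the first bytes on the connection do not parse as an SSL/TLS ClientHello, so classifying the failing client's first captured packet shows what it actually sent to port 636. The function names and all sample byte strings are constructed for illustration.

```python
# Added example; every byte string below is constructed, not captured traffic.
LDAP_OPS = {0x42: "UnbindRequest", 0x60: "BindRequest",
            0x63: "SearchRequest", 0x77: "ExtendedRequest"}
STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"  # LDAP StartTLS extended operation

def _value_start(data, pos):
    """Skip the BER tag and length at pos; return the index of the value."""
    length = data[pos + 1]
    return pos + 2 + (length & 0x7F if length & 0x80 else 0)

def ldap_operation(data):
    """Name the protocolOp of an unencrypted LDAPMessage, or None."""
    try:
        pos = _value_start(data, 0)          # step into the outer SEQUENCE
        if data[pos] != 0x02:                # messageID must be an INTEGER
            return None
        pos = _value_start(data, pos) + data[pos + 1]   # skip the messageID
        name = LDAP_OPS.get(data[pos])
    except IndexError:
        return None
    if name == "ExtendedRequest" and STARTTLS_OID in data:
        name += " (StartTLS)"
    return name

def classify_first_bytes(data):
    """Label the opening bytes a client sent to the ldaps:// listener."""
    if len(data) < 3:
        return "too short to classify"
    if data[0] == 0x16 and data[1] == 0x03:  # SSLv3/TLS handshake record
        is_hello = len(data) > 5 and data[5] == 0x01
        return "TLS ClientHello" if is_hello else "TLS handshake record"
    if data[0] & 0x80 and data[2] == 0x01:   # 2-byte length, then CLIENT-HELLO
        return "SSLv2-format ClientHello"
    if data[0] == 0x30:                      # BER SEQUENCE: cleartext LDAP?
        op = ldap_operation(data)
        if op:
            return "plaintext LDAP " + op
    return "unrecognised"

TLS_HELLO = bytes.fromhex("160301002f0100002b0303")
SSLV2_HELLO = bytes.fromhex("802e0103010015")
LDAP_BIND = bytes.fromhex("300c020101600702010304008000")  # anonymous bind
LDAP_STARTTLS = bytes.fromhex("301d02010177188016") + STARTTLS_OID

if __name__ == "__main__":
    for sample in (TLS_HELLO, SSLV2_HELLO, LDAP_BIND, LDAP_STARTTLS):
        print(sample[:6].hex(), "->", classify_first_bytes(sample))
```

A "plaintext LDAP" result means the client is speaking unencrypted LDAP (or attempting StartTLS) on the SSL-only port rather than opening with a TLS handshake.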