Hello, i have a problem with tls connections to my openldap server. The openldap server is running on debian. I created all certificates with openssl. If I use ldapsearch on the server (SASL//EXTERNAL mech/) everything works fine, but if i try to connect with jxplorer, ldapbrowser (softera), eclipse (apache directoy), or with the examples from jldap, i always got the same error: javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake This is the log from the openldap server. Sep 5 08:18:33 domain slapd[1770]: slapd starting Sep 5 08:18:33 domain slapd[1770]: daemon: added 4r listener=(nil) Sep 5 08:18:33 domain slapd[1770]: daemon: added 6r listener=0x8129238 Sep 5 08:18:33 domain slapd[1770]: daemon: added 7r listener=0x8129300 Sep 5 08:18:33 domain slapd[1770]: daemon: select: listen=6 active_threads=0 tvp=NULL Sep 5 08:18:33 domain slapd[1770]: daemon: select: listen=7 active_threads=0 tvp=NULL Sep 5 08:20:46 domain slapd[1770]: daemon: activity on 1 descriptor Sep 5 08:20:46 domain slapd[1770]: >>> slap_listener(ldap:///) Sep 5 08:20:46 domain slapd[1770]: daemon: listen=7, new connection on 12 Sep 5 08:20:46 domain slapd[1770]: daemon: added 12r (active) listener=(nil) Sep 5 08:20:46 domain slapd[1770]: conn=0 fd=12 ACCEPT from IP=192.168.0.2:2578 (IP=0.0.0.0:389) Sep 5 08:20:46 domain slapd[1770]: daemon: select: listen=6 active_threads=0 tvp=NULL Sep 5 08:20:46 domain slapd[1770]: daemon: select: listen=7 active_threads=0 tvp=NULL Sep 5 08:20:46 domain slapd[1770]: daemon: activity on 1 descriptor Sep 5 08:20:46 domain slapd[1770]: daemon: activity on: Sep 5 08:20:46 domain slapd[1770]: 12r Sep 5 08:20:46 domain slapd[1770]: Sep 5 08:20:46 domain slapd[1770]: daemon: read activity on 12 Sep 5 08:20:46 domain slapd[1770]: connection_get(12) Sep 5 08:20:46 domain slapd[1770]: connection_get(12): got connid=0 Sep 5 08:20:46 domain slapd[1770]: connection_read(12): checking for input on id=0 Sep 5 08:20:46 domain slapd[1770]: ber_get_next on fd 12 failed errno=0 (Success) Sep 5 08:20:46 domain slapd[1770]: connection_read(12): input error=-2 id=0, closing. Sep 5 08:20:46 domain slapd[1770]: connection_closing: readying conn=0 sd=12 for close Sep 5 08:20:46 domain slapd[1770]: connection_close: conn=0 sd=-1 Sep 5 08:20:46 domain slapd[1770]: daemon: removing 12 Sep 5 08:20:46 domain slapd[1770]: conn=0 fd=12 closed (connection lost) Sep 5 08:20:46 domain slapd[1770]: daemon: select: listen=6 active_threads=0 tvp=NULL Sep 5 08:20:46 domain slapd[1770]: daemon: select: listen=7 active_threads=0 tvp=NULL Sep 5 08:20:46 domain slapd[1770]: daemon: activity on 1 descriptor Sep 5 08:20:46 domain slapd[1770]: daemon: waked Sep 5 08:20:46 domain slapd[1770]: daemon: select: listen=6 active_threads=0 tvp=NULL Sep 5 08:20:46 domain slapd[1770]: daemon: select: listen=7 active_threads=0 tvp=NULL What the meaning of the two lines ber_get_next on fd 12 failed errno=0 (Success) connection_read(12): input error=-2 id=0, closing. Sorry for my bad english. thx for help. Any help or pointers would be appreciated. Thanks. Norman