Hello,

I have managed to start the migrated LDAP server on Rocky 9, v2.6.9 LTB.

It seems to be working fine, but I cannot connect over SSL (ldaps, port 636).

I am trying to connect with Apache Directory Studio but it fails, although I am using the same certificate as on the original server (the cert covers both server names).

I have enabled conns logging on the server and I see a connection coming in, but for some reason it fails (input error=-2):

Could you please guide me to troubleshoot this?

May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: activity on 1 descriptor
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: activity on:
May 21 11:19:14 ldap1.noa.gr slapd[17512]:
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=9 busy
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: accept() = 14
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: activity on 1 descriptor
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: activity on:
May 21 11:19:14 ldap1.noa.gr slapd[17512]:
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: listen=9, new connection on 14
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: added 14r (active) listener=(nil)
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: activity on 1 descriptor
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: activity on:
May 21 11:19:14 ldap1.noa.gr slapd[17512]:
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: conn=1002 fd=14 ACCEPT from IP=195.251.xxx.xxx:51334 (IP=0.0.0.0:636)
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: activity on 1 descriptor
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: activity on:
May 21 11:19:14 ldap1.noa.gr slapd[17512]:  14r
May 21 11:19:14 ldap1.noa.gr slapd[17512]:
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: read active on 14
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: activity on 1 descriptor
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: activity on:
May 21 11:19:14 ldap1.noa.gr slapd[17512]:
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: activity on 1 descriptor
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: activity on:
May 21 11:19:14 ldap1.noa.gr slapd[17512]:  14r
May 21 11:19:14 ldap1.noa.gr slapd[17512]:
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: read active on 14
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: activity on 1 descriptor
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: activity on:
May 21 11:19:14 ldap1.noa.gr slapd[17512]:
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: activity on 1 descriptor
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: activity on:
May 21 11:19:14 ldap1.noa.gr slapd[17512]:  14r
May 21 11:19:14 ldap1.noa.gr slapd[17512]:
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: read active on 14
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: conn=1002 fd=14 TLS established tls_ssf=256 ssf=256 tls_proto=TLSv1.3 tls_cipher=TLS_AES_256_GCM_SHA384
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: activity on 1 descriptor
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: activity on:
May 21 11:19:14 ldap1.noa.gr slapd[17512]:  14r
May 21 11:19:14 ldap1.noa.gr slapd[17512]:
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: read active on 14
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: activity on 1 descriptor
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: activity on:
May 21 11:19:14 ldap1.noa.gr slapd[17512]:
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: conn=1002 op=0 BIND dn="uid=userx,ou=people,dc=noa,dc=gr" method=128
May 21 11:19:14 ldap1.noa.gr slapd[17512]: conn=1002 op=0 BIND dn="uid=userx,ou=people,dc=noa,dc=gr" mech=SIMPLE bind_ssf=0 ssf=256
May 21 11:19:14 ldap1.noa.gr slapd[17512]: conn=1002 op=0 RESULT tag=97 err=0 qtime=0.000034 etime=0.000475 text=
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: activity on 1 descriptor
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: activity on:
May 21 11:19:14 ldap1.noa.gr slapd[17512]:
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
May 21 11:19:14 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
May 21 11:19:44 ldap1.noa.gr slapd[17512]: daemon: activity on 1 descriptor
May 21 11:19:44 ldap1.noa.gr slapd[17512]: daemon: activity on:
May 21 11:19:44 ldap1.noa.gr slapd[17512]:  14r
May 21 11:19:44 ldap1.noa.gr slapd[17512]:
May 21 11:19:44 ldap1.noa.gr slapd[17512]: daemon: read active on 14
May 21 11:19:44 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
May 21 11:19:44 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
May 21 11:19:44 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
May 21 11:19:44 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
May 21 11:19:44 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=11 active_threads=0 tvp=NULL
May 21 11:19:44 ldap1.noa.gr slapd[17512]: connection_read(14): input error=-2 id=1002, closing.
May 21 11:19:44 ldap1.noa.gr slapd[17512]: connection_closing: readying conn=1002 sd=14 for close
May 21 11:19:44 ldap1.noa.gr slapd[17512]: daemon: removing 14
May 21 11:19:44 ldap1.noa.gr slapd[17512]: conn=1002 fd=14 closed (connection lost)
May 21 11:19:44 ldap1.noa.gr slapd[17512]: daemon: activity on 1 descriptor
May 21 11:19:44 ldap1.noa.gr slapd[17512]: daemon: activity on:
May 21 11:19:44 ldap1.noa.gr slapd[17512]:
May 21 11:19:44 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
May 21 11:19:44 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
May 21 11:19:44 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=9 active_threads=0 tvp=NULL
May 21 11:19:44 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=10 active_threads=0 tvp=NULL
May 21 11:19:44 ldap1.noa.gr slapd[17512]: daemon: epoll: listen=11 active_threads=0 tvp=NULL

I have tried removing the olcTLSCipherSuite attribute, but it won't work anyway.

As a side note, I see that logging is directed to the journal. Could I redirect it to a file instead? I have set olcLogFile, but logging is directed to the journal nevertheless.

Thanks a lot,
Nick