terry.lemons@dell.com wrote:
Looping back to this... This smells bad, too:
CONNECTED(00000003) 139702302594704:error:140790E5:SSL routines:ssl23_write:ssl handshake failure:s23_lib.c:177:
OpenSSL 3.x does not have the s23*.c files. Confer, https://github.com/openssl/openssl/tree/master/ssl .
The last time there were s23*.c files, like s23_lib.c, was OpenSSL 1.0.2. Confer, https://github.com/openssl/openssl/tree/OpenSSL_1_0_2-stable/ssl .
When I look that error up with with OpenSSL 3.0.2, I get a bogus error back:
$ openssl errstr 0x140790E5 error:140790E5:UI routines::reason(495845)
$ openssl version OpenSSL 3.0.2 15 Mar 2022
I'm wondering if OpenLDAP was compiled and linked against one version of the OpenSSL library, but it is getting runtime-linked with another [non-binary compat] version of OpenSSL by ldd.
Are there multiple versions of OpenSSL available on that machine?
Jeff