Hi there. I've problem setting up SLAPD + TLS and libnss-ldap. When I try to get the passwd entry with getent passwd I get the following error:
TLS: can't accept: A record packet with illegal version was received.. connection_read(13): TLS accept failure error=-1 id=18, closing
This is a certificate problem or libnss-ldap configuration problem? I've also tested slapd and tls with gnutls-cli and openssl s_client and they complete test successfully. I've also tested my certificate with openssl verify, and also this test has been completed successfully. My nsswitch.conf is configured with files and ldap.
Then, i've created my certificate with the following command:
# /usr/lib/ssl/misc/CA.pl -newca /* to create the ca certificate and key*/
# openssl req -newkey rsa:1024 -nodes -keyout key.pem -out newreq.pem /*for server/client certificate building and sing*/ # /usr/lib/ssl/misc/CA.pl -sign
I've tried using only openssl with slapd and all work very good, but not with GnuTLS. My system is Debian Lenny.
There's something that is wrong in certificate creation? What is the meaning of "A record packet with illegal version was received"? This is a bug or a mismatch configuration?
Thanks in advance.