On Thu, Mar 13, 2008 at 11:01 AM, Narayana Murthy Pedapudi <p.narayanamurthy@gmail.com> wrote:

    Please note that I have not used TLSVerifyClient property at all....
    # moduleload    back_shell.la

    TLSCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM
    :+LOW:+SSLv2:+SSLv3:+EXP
    TLSCACertificateFile /usr/local/var/openldap-data/cacert.pem
    TLSCertificateFile /usr/local/var/openldap-data/servercrt.pem
    TLSCertificateKeyFile /usr/local/var/openldap-data/serverkey.pem

    # Client verification not required
    #TLSVerifyClient never

    But I get a different error if I use TLSVerifyclient demand
    # Client verification not required
    TLSVerifyClient demand

    Please find below exception for this
    java.net.SocketException: Software caused connection abort: recv failed
            at java.net.SocketInputStream.socketRead0(Native Method)
            at java.net.SocketInputStream.read(SocketInputStream.java:129)
            at com.sun.net.ssl.internal.ssl.InputRecord.readFully(InputRecord.java:293)
            at com.sun.net.ssl.internal.ssl.InputRecord.read(InputRecord.java:331)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:723)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.waitForClose(SSLSocketImpl.java:1366)
            at com.sun.net.ssl.internal.ssl.HandshakeOutStream.flush(HandshakeOutStream.java:103)
            at com.sun.net.ssl.internal.ssl.Handshaker.sendChangeCipherSpec(Handshaker.java:590)
            at com.sun.net.ssl.internal.ssl.ClientHandshaker.sendChangeCipherAndFinish(ClientHandshak
    java:698)
            at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:62
            at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:160
            at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)
            at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:818)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:
    0)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1057)
            at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1041)
            at com.sun.jndi.ldap.ext.StartTlsResponseImpl.startHandshake(StartTlsResponseImpl.java:34
            at com.sun.jndi.ldap.ext.StartTlsResponseImpl.negotiate(StartTlsResponseImpl.java:208)
            at com.sun.jndi.ldap.ext.StartTlsResponseImpl.negotiate(StartTlsResponseImpl.java:161)
            at ModifyAttr.main(ModifyAttr.java:38)

    Thanks in advance..


    --
    Narayana Murthy