Hi Jeff
The '0 bytes read' keeps bothering me.
Is there a firewall on the machine? Maybe a WAF with knowledge of LDAP? If it was a regular firewall, the connection would not be set up. Things would fail immediately before the client tries the handshake.
A WAF might allow the connection to succeed, but then filter the response. That might explain the 0 bytes read.
I'm using a freshly-deployed SLES 15 SP4 system, on which the firewall is not installed. When I use these two commands, I see the same output (which, I _think_, would not be the case if a firewall were active on this system):
openssl s_client -connect localhost:636 -servername ldpdd042.hop.lab.emc.com -CAfile /etc/ssl/private/server.cert
openssl s_client -connect ldpdd042.hop.lab.emc.com:636 -servername ldpdd042.hop.lab.emc.com -CAfile /etc/ssl/private/server.cert
Thanks tl