Re: [Evolution] ldaps?

From: Chris Toshok <toshok ximian com>
To: "Thomas J. Baker" <tjb unh edu>
Cc: Evolution Mailing List <evolution ximian com>
Subject: Re: [Evolution] ldaps?
Date: 10 Jan 2003 10:27:26 -0800

I do here.  Well, I just fixed a post-1.2.1 regression that was keeping
it from working, but 1.2.1 should work..

Are you connecting to port 389 and doing STARTTLS or connecting to 636?

Here's my server output (with my latest patch):

connection_read(9): checking for input on id=0
TLS trace: SSL_accept:before/accept initialization
TLS trace: SSL_accept:SSLv3 read client hello A
TLS trace: SSL_accept:SSLv3 write server hello A
TLS trace: SSL_accept:SSLv3 write certificate A
TLS trace: SSL_accept:SSLv3 write server done A
TLS trace: SSL_accept:SSLv3 flush data
TLS trace: SSL_accept:error in SSLv3 read client certificate A
TLS trace: SSL_accept:error in SSLv3 read client certificate A
connection_get(9): got connid=0
connection_read(9): checking for input on id=0
TLS trace: SSL_accept:SSLv3 read client key exchange A
TLS trace: SSL_accept:SSLv3 read finished A
TLS trace: SSL_accept:SSLv3 write change cipher spec A
TLS trace: SSL_accept:SSLv3 write finished A
TLS trace: SSL_accept:SSLv3 flush data

Chris

On Fri, 2003-01-10 at 06:50, Thomas J. Baker wrote:

On Thu, 2003-01-09 at 15:29, Thomas J. Baker wrote:

Is ldaps supposed to work? I'm working on setting up an ldap server on a
stock Red Hat 8.0 system and have it running with ldap. I now want to
swtich to ldaps but the slapd server reports the following error when
Evo 1.2.1 tries to connect:


connection_get(10)
connection_get(10): got connid=1
connection_read(10): checking for input on id=1
TLS trace: SSL_accept:before/accept initialization
TLS trace: SSL_accept:error in SSLv2/v3 read client hello A
TLS: can't accept.
TLS: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
s23_srvr.c:565
connection_read(10): TLS accept error error=-1 id=1, closing
connection_closing: readying conn=1 sd=10 for close
connection_close: conn=1 sd=10


Connecting with openssl s_client -state -debug -connect server:ldaps
seems to work fine. The ldap server reports the connection so it doesn't
appear to be the server.

Thanks,

tjb


Does anyone have ldaps working?

Thanks,

tjb

Follow-Ups:
- Re: [Evolution] ldaps?
  - From: Thomas J. Baker
- Re: [Evolution] ldaps?
  - From: Tony Earnshaw
- Re: [Evolution] ldaps?
  - From: Thomas J. Baker

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]