O Plameras
2004-Jul-19 00:01 UTC
[Samba] Failed to issue the StartTLS instruction: Connect error
Hi, I have two LDAP Servers with similar configurations. The main difference is that one runs Linux Fedora 1 and the other Linux Fedora 2. The Fedora 2 server runs correctly whilst the Fedora 1 LdAP doesn't with the error: Failed to issue the StartTLS instruction: Connect error. Following is an example of error message on Fedora 1. [root@otr etc]# net getlocalsid [2004/07/18 21:20:09, 0] lib/smbldap.c:smbldap_open_connection(624) Failed to issue the StartTLS instruction: Connect error [2004/07/18 21:20:09, 0] lib/smbldap.c:smbldap_search_suffix(1126) smbldap_search_suffix: Problem during the LDAP search: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure (Connect error) SID for domain LINUX is: S-1-5-21-631164965-3065778426-3560323935 [root@otr etc]# Can someone tell what and where I should be looking for ? Thanks. O Plameras
Gerald (Jerry) Carter
2004-Jul-20 20:36 UTC
[Samba] Failed to issue the StartTLS instruction: Connect error
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 O Plameras wrote: | Hi, | | I have two LDAP Servers with similar configurations. | The main difference is that one runs Linux Fedora 1 and the other Linux | Fedora 2. The Fedora 2 server runs | correctly whilst the Fedora 1 LdAP doesn't with the error: | | Failed to issue the StartTLS instruction: Connect error. | | Following is an example of error message on Fedora 1. | | [root@otr etc]# net getlocalsid | [2004/07/18 21:20:09, 0] lib/smbldap.c:smbldap_open_connection(624) | Failed to issue the StartTLS instruction: Connect error | [2004/07/18 21:20:09, 0] lib/smbldap.c:smbldap_search_suffix(1126) | smbldap_search_suffix: Problem during the LDAP search: | error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake | failure (Connect error) | SID for domain LINUX is: S-1-5-21-631164965-3065778426-3560323935 | [root@otr etc]# | | Can someone tell what and where I should be looking for ? Thanks. aMake sure that you can connect to the LDAP directory server using ldapsearch -ZZ. This is probably an issue with the LDAP server's certificate. Probably not a Samba issue. cheers, jerry - ---------------------------------------------------------------------- Hewlett-Packard ------------------------- http://www.hp.com SAMBA Team ---------------------- http://www.samba.org GnuPG Key ---- http://www.plainjoe.org/gpg_public.asc "...a hundred billion castaways looking for a home." ----------- Sting -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFA/YIaIR7qMdg1EfYRAlqxAKCvVAECs5lpQNNrFMKs8C1iJLWbrQCgrFge DLR45310EeTiXsVUVhv4O7Y=iQiG -----END PGP SIGNATURE-----