Bahya NASSR EDDINE
2005-Jul-27 09:53 UTC
Tr: RE: RE [Samba] TLS connections between Samba&OpenLDAP
I think I guess what the error is. I've configured slapd to require a valid certificate for all TLS incoming sessions. However, I didn't create a ertificate for OpenLDAP client. I am going to do so. --- Bahya NASSR EDDINE <bahya_nassr@yahoo.fr> a ?crit :> Date: Wed, 27 Jul 2005 11:46:50 +0200 (CEST) > De: Bahya NASSR EDDINE <bahya_nassr@yahoo.fr> > Objet: RE: RE [Samba] TLS connections between > Samba&OpenLDAP > ?: spu@corman.be, samba@lists.samba.org, > openldap-software@OpenLDAP.org > > > > Have you set : > > > > TLS_CACERT ldap.conf of openldap (not > > /etc/ldap.conf) > Now that I set TLS_CACERT to ca.pem file path in the > appropriate ldap.conf, my slapd server returns (when > I > try to start smb services): > > TLS trace: SSL_accept:SSLv3 flush data > tls_read: want=5, got=5 > 0000: 16 03 01 00 07 > > ..... > tls_read: want=7, got=7 > 0000: 0b 00 00 03 00 00 00 > > ....... > tls_write: want=7, written=7 > 0000: 15 03 01 00 02 02 28 > > ......( > TLS trace: SSL3 alert write:fatal:handshake failure > TLS trace: SSL_accept:error in SSLv3 read client > certificate B > TLS trace: SSL_accept:error in SSLv3 read client > certificate B > TLS: can't accept. > TLS: error:140890C7:SSL > routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not > return a certificate s3_srvr.c:1993 > > > Any idea please? > > > > > > > >___________________________________________________________________________> > Appel audio GRATUIT partout dans le monde avec le > nouveau Yahoo! Messenger > T?l?chargez cette version sur > http://fr.messenger.yahoo.com >___________________________________________________________________________ Appel audio GRATUIT partout dans le monde avec le nouveau Yahoo! Messenger T?l?chargez cette version sur http://fr.messenger.yahoo.com
Reasonably Related Threads
Wisdom of the Ancients
