
Re: slapd[5100]: connection_read(12): TLS accept error error=-1



On Fri, May 27, 2005 at 09:19:54PM +0200, Geert Stappers wrote:
> On Fri, May 27, 2005 at 09:17:39AM +0200, Ragnar Wisløff wrote:
 <snip/>
> > Add to /etc/ldap/ldap.conf 
> > 
> > TLS_REQCERT allow


That was indeed the trick
(see below for more information)

> > 
> > for each client you want to accept a self-signed certificate. If you want 
> > nothing to do with certificates at all, then use 
> > 
> > TLS_REQCERT never
> > 
> > man 5 ldap.conf gives you all the gory details.
> 
> That did bring 
> --- slapd.conf  2005/05/27 09:02:44     1.12
> +++ slapd.conf  2005/05/27 17:23:06     1.13
 <snip/>


F-word!


    slapd.conf !=  ldap.conf


> 
> The problem persists ...
> 
> My current clue is 
> 
>  " You also should ensure that your TLS environment is sane through testing
>    with openssl's s_client and s_server codes. "

That was interesting, but an irrelevant side track.


Thanks
Geert Stappers
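
An added example, not part of the original thread: a small check for the mix-up discussed above. It reports any TLS_REQCERT line found in a server file (slapd.conf) as misplaced, and flags the `allow` and `never` values in a client file (ldap.conf), since both let the session continue without a verified server certificate. The function name `check_reqcert`, the verdict words and the sample file contents are assumptions made for this illustration.

```shell
#!/bin/sh
# check_reqcert FILE KIND
#   KIND is "client" for an ldap.conf style file, "server" for slapd.conf.
# Prints one verdict line per TLS_REQCERT directive, or UNSET if there is none.
check_reqcert() {
    awk -v file="$1" -v kind="$2" '
        # Commented lines start with "#", so their first field never matches.
        tolower($1) == "tls_reqcert" {
            seen = 1
            value = tolower($2)
            if (kind == "server")
                verdict = "MISPLACED"   # client option, see ldap.conf(5)
            else if (value == "never" || value == "allow")
                verdict = "WEAK"        # server certificate is not enforced
            else
                verdict = "OK"
            printf "%s %s:%d %s\n", verdict, file, FNR, value
        }
        END { if (!seen) printf "UNSET %s\n", file }
    ' "$1"
}

# Constructed sample files (not taken from the thread).
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT

printf '%s\n' \
    'BASE dc=example,dc=org' \
    '# TLS_REQCERT demand' \
    'TLS_REQCERT allow' > "$tmp/ldap.conf"

printf '%s\n' \
    'TLSCertificateFile /etc/ldap/server.pem' \
    'TLS_REQCERT allow' > "$tmp/slapd.conf"

check_reqcert "$tmp/ldap.conf" client
check_reqcert "$tmp/slapd.conf" server
```
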


