Tr: RE: RE [Samba] TLS connections between Samba&OpenLDAP
Bahya NASSR EDDINE
bahya_nassr at yahoo.fr
Wed Jul 27 09:53:17 GMT 2005
I think I guess what the error is.
I've configured slapd to require a valid certificate
for all TLS incoming sessions. However, I didn't
create a ertificate for OpenLDAP client. I am going to
do so.
--- Bahya NASSR EDDINE <bahya_nassr at yahoo.fr> a écrit
:
> Date: Wed, 27 Jul 2005 11:46:50 +0200 (CEST)
> De: Bahya NASSR EDDINE <bahya_nassr at yahoo.fr>
> Objet: RE: RE [Samba] TLS connections between
> Samba&OpenLDAP
> À: spu at corman.be, samba at lists.samba.org,
> openldap-software at OpenLDAP.org
>
>
> > Have you set :
> >
> > TLS_CACERT ldap.conf of openldap (not
> > /etc/ldap.conf)
> Now that I set TLS_CACERT to ca.pem file path in the
> appropriate ldap.conf, my slapd server returns (when
> I
> try to start smb services):
>
> TLS trace: SSL_accept:SSLv3 flush data
> tls_read: want=5, got=5
> 0000: 16 03 01 00 07
>
> .....
> tls_read: want=7, got=7
> 0000: 0b 00 00 03 00 00 00
>
> .......
> tls_write: want=7, written=7
> 0000: 15 03 01 00 02 02 28
>
> ......(
> TLS trace: SSL3 alert write:fatal:handshake failure
> TLS trace: SSL_accept:error in SSLv3 read client
> certificate B
> TLS trace: SSL_accept:error in SSLv3 read client
> certificate B
> TLS: can't accept.
> TLS: error:140890C7:SSL
> routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not
> return a certificate s3_srvr.c:1993
>
>
> Any idea please?
>
>
>
>
>
>
>
>
___________________________________________________________________________
>
> Appel audio GRATUIT partout dans le monde avec le
> nouveau Yahoo! Messenger
> Téléchargez cette version sur
> http://fr.messenger.yahoo.com
>
___________________________________________________________________________
Appel audio GRATUIT partout dans le monde avec le nouveau Yahoo! Messenger
Téléchargez cette version sur http://fr.messenger.yahoo.com
More information about the samba
mailing list