[Samba] Stymied with samba vs openldap SSL ("Failed to issue the StartTLS instruction...")
Graham Allan
allan at physics.umn.edu
Thu Jan 7 15:59:18 UTC 2016
On 1/6/2016 5:04 PM, John Hixson wrote:
> On Tue, Jan 05, 2016 at 05:35:21PM -0600, Graham Allan wrote:
>> I know this is something which should have a simple fix but I'm failing
>> to see it somehow.
>>
>> I'm moving samba service between a couple of FreeBSD systems (9.3 to
>> 10.2), and I'm stuck on getting samba on the new machine to connect to
>> our openldap server over ssl - frustrating since I've been running
>> samba+ldap for 15 years or so; feel sure I'm missing something basic!
>> I'm getting the traditional error of "Failed to issue the StartTLS
>> instruction: Connect error".
>>
>> I've tried this with two versions of samba: 3.6.25 (same version as the
>> working installation on the older server) and 4.2.3, and get the same
>> issue with both.
>
> I work on FreeNAS and have at least one complaint about this exact same
> issue. I'm interested in a solution (or reason for this) as well.
>
> - John
That's interesting. Maybe it makes me feel better that I might not
missing something stupid...
Are the complaints related to the beta version of FreeNAS (based on
FreeBSD 10.x)? I've never had any problems on 9.x. I have the same
version of samba on each, built in tinderbox with identical options, and
only the 10.x version has this issue for me.
The only pertinent difference I can think of is that 9.x uses openssl
0.9.8, while 10.x uses 1.0.1, but since the openldap client libraries
themselves work fine with ssl on both, it's hard to point the finger at
that.
Graham
More information about the samba
mailing list