[Samba] Stymied with samba vs openldap SSL ("Failed to issue the StartTLS instruction...")
Graham Allan
allan at physics.umn.edu
Thu Jan 7 16:40:26 UTC 2016
On 01/06/2016 03:54 PM, Lee Brown wrote:
>
> That's about the stage I can never dig deeper into. OK, so we know
> application X is having an SSL failure, so how can we crank up the SSL
> verbosity? Typically I can use openssl s_client to get a clue, although
> you can't always do that either (Postgresql for example).
Unfortunately (in this case), openssl s_client seems perfectly happy
with connecting to the ldap server - though of course I can only test
ldaps on port 636 with this, I don't believe s_client knows how to
initiate a TLS session with openldap.
As both ldap+TLS and ldaps fail for me in smbd, I've been treating them
as equivalent so far. I guess I could dig more into the ldaps connection
type as I did for TLS, with tshark and gdb; maybe something different
will present itself...
Graham
--
More information about the samba
mailing list