Re: Problem with SSL/TLS on CentOS 7 after upgrading to 2.4.59

On 21Oct21 18:39+0300, Nick Milas wrote: > It shows that the CA/cert has issues. Yet, everything was working fine > until last upgrade! Check your ldaprc for TLS_REQCERT. Maybe that changed in the upgrade? -- Bastian TweddellJuelich Supercomputing Centre smime.p7s Description:

Antw: [EXT] Re: Problem with SSL/TLS on CentOS 7 after upgrading to 2.4.59

>>> Quanah Gibson-Mount schrieb am 21.10.2021 um 19:29 in Nachricht <125627C2D6AF4AE00EF3FCDF@[192.168.1.11]>: > > --On Thursday, October 21, 2021 7:54 PM +0300 Nick Milas > wrote: > >> On 21/10/2021 6:39 μ.μ., Nick Milas wrote: >> >>> From the journal, some excerpts (it is very long): >> >>

Re: Problem with SSL/TLS on CentOS 7 after upgrading to 2.4.59

--On Thursday, October 21, 2021 7:54 PM +0300 Nick Milas wrote: On 21/10/2021 6:39 μ.μ., Nick Milas wrote: From the journal, some excerpts (it is very long): My fault: I copied parts from the journal before the restart :( Here is the actual log after restart: The client side still

Re: Problem with SSL/TLS on CentOS 7 after upgrading to 2.4.59

On 21/10/2021 6:39 μ.μ., Nick Milas wrote: From the journal, some excerpts (it is very long): My fault: I copied parts from the journal before the restart :( Here is the actual log after restart: Oct 21 18:31:28 ldap.noa.gr systemd[1]: slapd.service start operation timed out. Terminating.

Re: Problem with SSL/TLS on CentOS 7 after upgrading to 2.4.59

Nick Milas wrote: > Thank you for the reply: > > Here it is: > It shows that the CA/cert has issues. Yet, everything was working fine until > last upgrade! Well, it's not going to lie to you. Your CA cert isn't recognized, so some other upgrade must have mucked with your certs or LDAP config.

Re: Problem with SSL/TLS on CentOS 7 after upgrading to 2.4.59

Thank you for the reply: Here it is: # ldapwhoami -H ldaps://ldap.noa.gr:636 -x -d -1 ldap_url_parse_ext(ldaps://ldap.noa.gr:636) ldap_create ldap_url_parse_ext(ldaps://ldap.noa.gr:636/??base) ldap_sasl_bind ldap_send_initial_request ldap_new_connection 1 1 0 ldap_int_open_connection

Re: Problem with SSL/TLS on CentOS 7 after upgrading to 2.4.59

Nick Milas wrote: > Hello, > > Our main OpenLDAP Server (running on CentOS 7) has been working fine with > 2.4.58. > > Since yesterday, after a (minor, see at the end) OS upgrade which included an > update to LTB Openldap 2.4.59, SSL clients see: > > # ldapwhoami -H ldaps://ldap.noa.gr:636 -x

Problem with SSL/TLS on CentOS 7 after upgrading to 2.4.59

Hello, Our main OpenLDAP Server (running on CentOS 7) has been working fine with 2.4.58. Since yesterday, after a (minor, see at the end) OS upgrade which included an update to LTB Openldap 2.4.59, SSL clients see: # ldapwhoami -H ldaps://ldap.noa.gr:636 -x ldap_sasl_bind(SIMPLE): Can't