> > with "export NSS_DISABLE_HW_GCM=1", there are no crashes, with and > without the cipher option. Moreover, with the cipher option it says: > > CONNECTED(00000003) > 139960478934944:error:14077410:SSL > routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake > failure:s23_clnt.c:744: > --- > no peer certificate available > --- > No client certificate CA names sent > --- > SSL handshake has read 7 bytes and written 119 bytes > --- > New, (NONE), Cipher is (NONE) > Secure Renegotiation IS NOT supported > Compression: NONE > Expansion: NONE > > > With "export NSS_DISABLE_HW_AES=1" there are no crashes. >
I'm suspicious here. You should be seeing a peer certificate, but you aren't. With the first set of output you showed, it looked like a cert was sent to you. Can you show us your cn=encryption,cn=config from dse.ldif? -- Sincerely, William Brown Software Engineer Red Hat, Brisbane
signature.asc
Description: This is a digitally signed message part
-- 389 users mailing list 389-users@%(host_name)s http://lists.fedoraproject.org/admin/lists/389-users@lists.fedoraproject.org
