thanks, i was able to fix the error by setting tls max from TLS1.3 to TLS1.2. i can now query on the TLS port, however, replication status is now "In synchroinzation". unfortunately nothing's popping in the error log
On Thu, Nov 6, 2025 at 2:48 PM Mark Reynolds <[email protected]> wrote: > > Hi Michael, > > Can you run this command (replace INSTANCE with your instance's name), > and share what it displays: > > # dsconf slapd-INSTANCE security get > > Does this work or fail? We don't need to see the output unless it fails > > # dsconf slapd-INSTANCE security key list > > Thanks, > > Mark > > > On 11/6/25 9:18 AM, Michael DiDomenico via 389-users wrote: > > we upgraded from rhel9.5 to 9.6 and now our 389ds server is throwing this > > error > > > > ERR Security Initialization SSL failure: Security Initialization - > > slapd_ssl_init2 - Failed to set SSL range: min: TLS1.0, max: TLS1.0 - > > error -8190 (security library: received bad data) > > > > as far as i can tell ldap on port 389 is still working, so it's only > > affecting the TLS side of things, but i can't seem to figure out > > what's gone wrong. > > > > i have a case open with redhat, but maybe someone here might have a > > suggestion > > > > thanks > > -- > Identity Management Development Team > -- _______________________________________________ 389-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
