Nope, fips is turned off both settings from systemctl are set to 'yes'
I think everything's working now. the "In Synchronization" threw me, when coupled with the Last Update Status, which shows "Error (0) Replica acquired successfully: Incremental update succeeded". When you read it more slowly it makes sense, but a casual look makes it seem like the replication is ongoing and there's an error somewhere On Thu, Nov 6, 2025 at 3:52 PM Viktor Ashirov <[email protected]> wrote: > > FIPS mode? > > What's the output of > systemctl show dirsrv@INSTANCE | grep -E > 'ProtectKernelTunables|ProtectControlGroups' > > Thanks. > On Thu, Nov 6, 2025 at 4:01 PM Michael DiDomenico via 389-users > <[email protected]> wrote: >> >> 389-ds is 2.6.1-12.el9_6 >> nss-3.112.0-4.el9_4 >> >> On Thu, Nov 6, 2025 at 2:56 PM Viktor Ashirov via 389-users >> <[email protected]> wrote: >> > >> > >> > >> > On Thu, Nov 6, 2025 at 3:54 PM Viktor Ashirov <[email protected]> wrote: >> >> >> >> Hi Michael, >> >> >> >> On Thu, Nov 6, 2025 at 3:19 PM Michael DiDomenico via 389-users >> >> <[email protected]> wrote: >> >>> >> >>> we upgraded from rhel9.5 to 9.6 and now our 389ds server is throwing >> >>> this error >> >>> >> >>> ERR Security Initialization SSL failure: Security Initialization - >> >>> slapd_ssl_init2 - Failed to set SSL range: min: TLS1.0, max: TLS1.0 - >> >>> error -8190 (security library: received bad data) >> >>> >> >>> as far as i can tell ldap on port 389 is still working, so it's only >> >>> affecting the TLS side of things, but i can't seem to figure out >> >>> what's gone wrong. >> >>> >> >>> i have a case open with redhat, but maybe someone here might have a >> >>> suggestion >> >> >> >> I checked the case and there was not enough information. >> >> Please provide sosreport there, and someone from support will pick it up >> >> soon. >> > >> > Or at least versions of 389-ds-base, nss, if you can't share any >> > sosreports. >> >> >> >> Thanks! >> >>> >> >>> >> >>> thanks >> >>> -- >> >>> _______________________________________________ >> >>> 389-users mailing list -- [email protected] >> >>> To unsubscribe send an email to [email protected] >> >>> Fedora Code of Conduct: >> >>> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >> >>> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines >> >>> List Archives: >> >>> https://lists.fedoraproject.org/archives/list/[email protected] >> >>> Do not reply to spam, report it: >> >>> https://pagure.io/fedora-infrastructure/new_issue >> >> >> >> >> >> >> >> -- >> >> Viktor >> > >> > >> > >> > -- >> > Viktor >> > -- >> > _______________________________________________ >> > 389-users mailing list -- [email protected] >> > To unsubscribe send an email to [email protected] >> > Fedora Code of Conduct: >> > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >> > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines >> > List Archives: >> > https://lists.fedoraproject.org/archives/list/[email protected] >> > Do not reply to spam, report it: >> > https://pagure.io/fedora-infrastructure/new_issue >> -- >> _______________________________________________ >> 389-users mailing list -- [email protected] >> To unsubscribe send an email to [email protected] >> Fedora Code of Conduct: >> https://docs.fedoraproject.org/en-US/project/code-of-conduct/ >> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines >> List Archives: >> https://lists.fedoraproject.org/archives/list/[email protected] >> Do not reply to spam, report it: >> https://pagure.io/fedora-infrastructure/new_issue > > > > -- > Viktor -- _______________________________________________ 389-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
