Fabian Steiner wrote:
Of course, I don't want to hijack the OP's thread but as our problems seem to be rather similar I can also provide the corresponding slapd log:
This looks like a simple configuration error; you have slapd configured to require client certificates and the client didn't send one. Either you need to configure the client with a certificate, or you need to relax the requirement on the server.
[...] slapd startingslap_listener(ldap:///)ldap_pvt_gethostbyname_a: host=uranos, r=0connection_get(11): got connid=0 connection_read(11): checking for input on id=0 ber_get_next ber_get_next: tag 0x30 len 29 contents: ber_get_next ber_get_next on fd 11 failed errno=11 (Resource temporarily unavailable) do_extended ber_scanf fmt ({m) ber: send_ldap_extended: err=0 oid= len=0 send_ldap_response: msgid=1 tag=120 err=0 ber_flush: 14 bytes to sd 11 connection_get(11): got connid=0 connection_read(11): checking for input on id=0 TLS trace: SSL_accept:before/accept initialization TLS trace: SSL_accept:SSLv3 read client hello A TLS trace: SSL_accept:SSLv3 write server hello A TLS trace: SSL_accept:SSLv3 write certificate A TLS trace: SSL_accept:SSLv3 write certificate request A TLS trace: SSL_accept:SSLv3 flush data TLS trace: SSL_accept:error in SSLv3 read client certificate A TLS trace: SSL_accept:error in SSLv3 read client certificate A connection_get(11): got connid=0 connection_read(11): checking for input on id=0 TLS trace: SSL3 alert write:fatal:handshake failure TLS trace: SSL_accept:error in SSLv3 read client certificate B TLS: can't accept. TLS: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate s3_srvr.c:2471 connection_read(11): TLS accept failure error=-1 id=0, closing
-- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
