Hi Jeff

> The '0 bytes read' keeps bothering me.
>
> Is there a firewall on the machine? Maybe a WAF with knowledge of LDAP? If it
> was a regular firewall, the connection would not be set up.
> Things would fail immediately before the client tries the handshake.
>
> A WAF might allow the connection to succeed, but then filter the response. 
> That might explain the 0 bytes read.

I'm using a freshly-deployed SLES 15 SP4 system, on which the firewall is not
installed. When I use these two commands, I see the same output (which, I
_think_, would not be the case if a firewall were active on this system):

openssl s_client -connect localhost:636 -servername ldpdd042.hop.lab.emc.com -CAfile /etc/ssl/private/server.cert
openssl s_client -connect ldpdd042.hop.lab.emc.com:636 -servername ldpdd042.hop.lab.emc.com -CAfile /etc/ssl/private/server.cert

Thanks
tl
