On 5/12/2023 6:35 PM, Jeffrey Walton wrote: > I really feel like there's something wrong with the server configuration.
Entirely possible but, like the guy looking for his keys under the streetlight, I wanted to check something I knew how to check :-) If the client is saying something reasonable (like TLS 1.2 or 1.3, not 1.1 or 1.0) and is offering a reasonable set of ciphers, then the server is sick. > Doesn't systemd open a socket even if a service is _not_ running? I > think systemd does it to make the service start fast. I.e., a > `systemctl start slapd.service` will happen quickly because the > listening socket is already operating. > I'm not a Linux guy - I work on Solaris - but assuming that systemd operates something like its predecessor inetd, it opens sockets for transient services, so that the system can receive a connection and only *then* start up a program to handle it. Long-lived servers aren't handled that way. (And the cost to set up a listening socket is negligible.) -- Jordan Brown, Oracle ZFS Storage Appliance, Oracle Solaris