Re: Debugging TLS negotiation failure

2023-05-11 Thread Howard Chu
terry.lem...@dell.com wrote: > Hi Howard > > Thanks very much for the reply and the suggestion. Here is the output of a > ldapsearch command that completes successfully when I omit '-H > ldaps://ldpdd042.hop.lab.emc.com:636': The lack of any server reply to the client's Hello message strikes me

RE: Debugging TLS negotiation failure

2023-05-11 Thread Christopher Paul
> -Original Message- > From: Philip Guenther > Sent: Thursday, May 11, 2023 2:06 PM > To: Christopher Paul > Cc: terry.lem...@dell.com; openldap-technical@openldap.org > Subject: RE: Debugging TLS negotiation failure > > > > Not sure if that is causing the problem? > > > > Try prepen

RE: Debugging TLS negotiation failure

2023-05-11 Thread Philip Guenther
On Thu, 11 May 2023, Christopher Paul wrote: > > -Original Message- > > From: terry.lem...@dell.com > > Sent: Thursday, May 11, 2023 1:10 PM > > To: openldap-technical@openldap.org > > Subject: Re: Debugging TLS negotiation failure > > > > I'm using a self-signed server certificate, so no

RE: Debugging TLS negotiation failure

2023-05-11 Thread Christopher Paul
> -Original Message- > From: terry.lem...@dell.com > Sent: Thursday, May 11, 2023 1:10 PM > To: openldap-technical@openldap.org > Subject: Re: Debugging TLS negotiation failure > > I'm using a self-signed server certificate, so no CA should be involved. Not > sure if that is causing the p

Re: Debugging TLS negotiation failure

2023-05-11 Thread Jeffrey Walton
On Thu, May 11, 2023 at 3:46 PM Howard Chu wrote: > > terry.lem...@dell.com wrote: > > > > I've followed the instructions in > > https://www.openldap.org/doc/admin26/quickstart.html to deploy openldap > > 2.6.4 on a SLES 15 SP4 system. Once I confirmed that this was working > > correctly, I mov

Re: Debugging TLS negotiation failure

2023-05-11 Thread terry . lemons
Hi Howard Thanks very much for the reply and the suggestion. Here is the output of a ldapsearch command that completes successfully when I omit '-H ldaps://ldpdd042.hop.lab.emc.com:636': ldpdd042:~ # ldapsearch -d -1 -x -b 'dc=example,dc=com' '(objectclass=*)' -H ldaps://ldpdd042.hop.lab.emc.c

Re: Debugging TLS negotiation failure

2023-05-11 Thread Howard Chu
terry.lem...@dell.com wrote: > Hi > > I've followed the instructions in > https://www.openldap.org/doc/admin26/quickstart.html to deploy openldap 2.6.4 > on a SLES 15 SP4 system. Once I confirmed that this was working correctly, I > moved on to configure TLS, following the instructions in > ht

Debugging TLS negotiation failure

2023-05-11 Thread terry . lemons
Hi I've followed the instructions in https://www.openldap.org/doc/admin26/quickstart.html to deploy openldap 2.6.4 on a SLES 15 SP4 system. Once I confirmed that this was working correctly, I moved on to configure TLS, following the instructions in https://www.openldap.org/doc/admin26/tls.html