If you are using the auto generated self signed certificates try a version 1.7 jvm or generate your own certs. I think the DS selfsigned certs are not created correctly in a 1.8 Jvm due to changes in supported crypto algorithms.
On 4 Nov. 2017 9:37 pm, "Emmanuel Lécharny" <elecha...@gmail.com> wrote: > > > Le 03/11/2017 à 23:50, Serge Pouliquen a écrit : > > Hi, > > > > > Can you packet capture from one end or the other and verify that the > > secure handshake is successful or failing when you have TLS enabled? > > > > I'm not sure to well understand the request, but I will try to answer. > > > from one end or the other > > run on localhost, so it should be the same > > I indicated in point 6, that I captured nothing (no communication) : > > no TLS request, no success, no TLS failure. > > Once a request has been send by address book window, I can capture TLS > > handshake success and the result of the search. > > Later search from compose window, I can see TLS success and the result > > are proposed in completion list. > > > > When thunderbird is not completing, wireshark on loopback capture no > > packet at all. > > > > I find that a bit strange. > > Indeed. > > > > > > > > -Djavax.net.debug=all > > tried and no log at the moment a request should be issued > > You don't see anything in the ApacheDS logs ? That may mean TB is not > sending anything... > > > > software versions : > > apache ds : 2.0.0-M24 > > thunderbird : 52.4.0 (packaged by debian for strech amd64) > > java version : openjdk 1.8.0_151 (packaged by debian for strech amd64) > > Latest versions. Fine. > > > > java -version > > openjdk version "1.8.0_151" > > OpenJDK Runtime Environment (build 1.8.0_151-8u151-b12-1~deb9u1-b12) > > OpenJDK 64-Bit Server VM (build 25.151-b12, mixed mode) > > > > Should I test the oracle version ? > > That woudl worth the try. Not sure it will change anything. > > OTOH, you do not seems to be the only one having this problem : > https://stackoverflow.com/questions/28990729/tls-support-for-ldap-in- > thunderbird > > You may want to activate Thuderbird logs : > > https://wiki.mozilla.org/MailNews:Logging > > > -- > Emmanuel Lecharny > > Symas.com > directory.apache.org > >
