Tuesday, June 13, 2017

[389-users] Re: Issues enabling SSL/TLS for config DS

On 06/13/2017 08:45 AM, dave_horton2001@hotmail.com wrote:
> Thanks for the reply.
>
> Same end result in the console, although the access log of the DS seems to indicate a bind was attempted. This is post restart after enabling the secure option.
Did you setup SSL for the Admin Server? Admin Server (http server)
needs its own server/CA cert in its security database. DS looks good
and you confirmed this with your ldapsearch, but you need to do the same
for the Admin Server.

>
> [13/Jun/2017:22:37:57.078824629 +1000] conn=1 fd=64 slot=64 SSL connection from 127.0.0.1 to 127.0.1.1
> [13/Jun/2017:22:37:57.084958096 +1000] conn=1 TLS1.2 128-bit AES
> [13/Jun/2017:22:37:58.086857551 +1000] conn=1 op=0 BIND dn="cn=Directory Manager" method=128 version=3
> [13/Jun/2017:22:37:58.089006286 +1000] conn=1 op=0 RESULT err=0 tag=97 nentries=0 etime=1 dn="cn=directory manager"
> [13/Jun/2017:22:37:58.466346017 +1000] conn=2 fd=65 slot=65 SSL connection from 127.0.0.1 to 127.0.1.1
> [13/Jun/2017:22:37:58.466882909 +1000] conn=2 op=-1 fd=65 closed - Encountered end of file.
> [13/Jun/2017:22:37:58.467173875 +1000] conn=3 fd=65 slot=65 SSL connection from 127.0.0.1 to 127.0.1.1
> [13/Jun/2017:22:37:58.467647324 +1000] conn=3 op=-1 fd=65 closed - Encountered end of file.
> [13/Jun/2017:22:37:58.504891549 +1000] conn=4 fd=65 slot=65 SSL connection from 127.0.0.1 to 127.0.1.1
> [13/Jun/2017:22:37:58.505622631 +1000] conn=4 op=-1 fd=65 closed - Encountered end of file.
> [13/Jun/2017:22:37:58.505920575 +1000] conn=5 fd=65 slot=65 SSL connection from 127.0.0.1 to 127.0.1.1
> [13/Jun/2017:22:37:58.506534580 +1000] conn=5 op=-1 fd=65 closed - Encountered end of file.
> _______________________________________________
> 389-users mailing list -- 389-users@lists.fedoraproject.org
> To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
_______________________________________________
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)