thanks, i was able to fix the error by setting tls max from TLS1.3 to
TLS1.2. i can now query on the TLS port, however, replication status
is now "In synchroinzation". unfortunately nothing's popping in the
error log
On Thu, Nov 6, 2025 at 2:48 PM Mark Reynolds <mareynol@redhat.com> wrote:
>
> Hi Michael,
>
> Can you run this command (replace INSTANCE with your instance's name),
> and share what it displays:
>
> # dsconf slapd-INSTANCE security get
>
> Does this work or fail? We don't need to see the output unless it fails
>
> # dsconf slapd-INSTANCE security key list
>
> Thanks,
>
> Mark
>
>
> On 11/6/25 9:18 AM, Michael DiDomenico via 389-users wrote:
> > we upgraded from rhel9.5 to 9.6 and now our 389ds server is throwing this error
> >
> > ERR Security Initialization SSL failure: Security Initialization -
> > slapd_ssl_init2 - Failed to set SSL range: min: TLS1.0, max: TLS1.0 -
> > error -8190 (security library: received bad data)
> >
> > as far as i can tell ldap on port 389 is still working, so it's only
> > affecting the TLS side of things, but i can't seem to figure out
> > what's gone wrong.
> >
> > i have a case open with redhat, but maybe someone here might have a suggestion
> >
> > thanks
>
> --
> Identity Management Development Team
>
--
_______________________________________________
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
No comments:
Post a Comment