Hello, > I setup openldap properly with the certs by copying into the correct > directory and with the correct permissions and set up slapd.conf with > the following entries > > TLSCipherSuite HIGH:MEDIUM:+TLSv1:+SSLv2: > +SSLv3 > TLSCACertificateFile /usr/local/etc/openldap/cacert.pem > TLSCertificateFile /usr/local/etc/openldap/server_cert.pem > TLSCertificateKeyFile /usr/local/etc/openldap/server_key.pem > > > Slapd starts up successfully ---- using > > /usr/local/libexec/slapd -d10 -u ldap -h "ldap:/// ldaps:///" > > now the openssl questios: > > I run > > /usr/local/ssl/bin/openssl s_client -connect localhost:636 -showcerts > > and get the error above TLS1_SETUP_KEY_BLOCK cipher or hash > unavailable .... > > BUT ... If I use the openssl that came with Solaris 11 > /usr/sfw/bin/openssl -connect localhost:636 this works properly.... > without error... > That version of ssl is 0.8.9a.. Try to esablish connection between "openssl s_client" and "openssl s_server" with your compiled version and with these ciphers. Try to run "openssl s_client -debug -msg -state" to get more information.
Best regards, -- Marek Marcola <[EMAIL PROTECTED]> ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
