Network Security Secure-Shell

TLS secure connection to an LDAP server

Subject: TLS secure connection to an LDAP server
Date: Wed, 23 Mar 2005 13:26:34 +0100 (CET)
Hi there,

I am trying to secure connections to my ldap server by
using TLS.
I created a certificate for my server. The certificate
verification was OK (openssl verify -CAfile
/path/to/ca.pem /path/to/my_ldap_srv_certificate).
On my slapd.conf file I set TLSCACertificateFile,
TLSCertificate and TLSCertificateKeyFile paths.
I ran my server on the two default ports 389 (ldap)
and 636 (ldaps) using this command: 'slapd -d127 -h
"ldap:/// ldaps:///"'.
When checking the SSL connection (by running the
command: 'openssl s_client -connect localhost:636
-showcerts -state -CAfile /path/to/ca.pem'), I get the
following output:
  
  CONNECTED(00000003)
  SSL_connect:before/connect initialization
  SSL_connect:SSLv2/v3 write client hello A
  SSL3 alert read:fatal:handshake failure
  SSL_connect:error in SSLv2/v3 read server hello A
  2338:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:470:

My server's debug output shows:

  TLS trace: SSL3 alert write:fatal:handshake failure
  TLS trace: SSL_accept:error in SSLv3 read client hello B
  TLS trace: SSL_accept:error in SSLv3 read client hello B
  TLS: can't accept.
  TLS: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher s3_srvr.c:882
  connection_read(8): TLS accept error error=-1 id=0, closing
  connection_closing: readying conn=0 sd=8 for close
  connection_close: conn=0 sd=8
  daemon: removing 8
  daemon: select: listen=6 active_threads=0 tvp=NULL
  daemon: select: listen=7 active_threads=0 tvp=NULL
  daemon: activity on 1 descriptors
  daemon: select: listen=6 active_threads=0 tvp=NULL
  daemon: select: listen=7 active_threads=0 tvp=NULL


I can't guess what the error could be. Do you have
any suggestions, please?

I am using OpenSSH_3.5p1 with OpenLDAP 2.1.22 on a Red
Hat box.

Thank you in advance!


        

        
                

  • TLS secure connection to an LDAP server, fatima riadi <=
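
Added example, not part of the original post: a small parser for the two OpenSSL error lines quoted above. It decodes the packed hex code to show that the client-side error is only the alert relayed from the peer, while the "no shared cipher" error was raised locally by slapd. It assumes the pre-3.0 OpenSSL error packing (8-bit library, 12-bit function, 12-bit reason); the function names are illustrative.

```python
import re

# Assumption: OpenSSL 0.9.x-1.1.x packing, code = lib<<24 | func<<12 | reason.
ERR_LIB_SSL = 20      # library number of "SSL routines"
ALERT_OFFSET = 1000   # SSL reasons >= 1000 are 1000 + the TLS alert number received
ERR_LINE = re.compile(
    r"error:(?P<code>[0-9A-Fa-f]{8}):(?P<lib>[^:]+):(?P<func>[^:]+):(?P<reason>[^:]+)")

def decode(line):
    """Parse one OpenSSL error-queue line; return None if it is not one."""
    m = ERR_LINE.search(line)
    if not m:
        return None
    code = int(m["code"], 16)
    lib, func, reason = code >> 24, (code >> 12) & 0xFFF, code & 0xFFF
    from_peer = lib == ERR_LIB_SSL and reason >= ALERT_OFFSET
    # slapd prints the source file after a space instead of a colon; drop it.
    text = re.sub(r"\s+\S+\.c$", "", m["reason"].strip())
    return {
        "lib": lib,
        "func": func,
        "reason": reason,
        "text": text,
        "from_peer": from_peer,                          # True: peer sent an alert
        "alert": reason - ALERT_OFFSET if from_peer else None,
    }

def local_failures(lines):
    """Keep only errors raised by the side that logged them (the root cause)."""
    decoded = [d for d in map(decode, lines) if d]
    return [d for d in decoded if not d["from_peer"]]

# The two error lines from the post (s_client output first, then slapd debug).
CLIENT = ("2338:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:"
          "sslv3 alert handshake failure:s23_clnt.c:470:")
SERVER = ("TLS: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:"
          "no shared cipher s3_srvr.c:882")

if __name__ == "__main__":
    for name, line in (("client", CLIENT), ("server", SERVER)):
        print(name, decode(line))
    print("raised locally:", [d["text"] for d in local_failures([CLIENT, SERVER])])
```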