Can't create a secure connection to the LDAP Server
(Last modified: 11Feb2005)
This document (10089842) is provided subject to the disclaimer at the end of this document.
symptom
Can't create a secure connection to the LDAP Server
Error: TLS accept failure 1 on connection 0xb6f72e00, setting err = -5875
Error: SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate - SSL alert number 42
Error: TLS handshake failed on connection
fact
Novell eDirectory 8.7.1 for All Platforms
Novell eDirectory 8.7.3 for All Platforms
change
Recreating the Certificate Authority can cause this.
cause
The LDAP client does not trust the Certificate Authority that signed the LDAP Server's certificate. Typically, each LDAP client keeps a list of all the Certificate Authorities that it trusts. If the CA has been recreated, the LDAP client must update its list.
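A lab reproduction of this cause, added here as an example and not taken from the Novell document: it builds an original CA, a recreated CA (assumed to reuse the same subject name) and a server certificate issued by the recreated CA, then checks which trusted-CA file validates that certificate. All subjects, host names and file names are constructed, and the `openssl` command-line tool is assumed to be installed.

```shell
#!/bin/sh
# Constructed lab data only: nothing here comes from a real eDirectory tree.
WORK=$(mktemp -d)

# make_ca <prefix>: create a self-signed CA key and certificate.
make_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 2 \
        -subj "/O=EXAMPLE-TREE/OU=Organizational CA" \
        -keyout "$1.key" -out "$1.pem" 2>/dev/null
}

# issue_cert <ca-prefix> <out-prefix>: sign a server certificate with that CA.
issue_cert() {
    openssl req -newkey rsa:2048 -nodes -subj "/CN=ldap.example.test" \
        -keyout "$2.key" -out "$2.csr" 2>/dev/null &&
    openssl x509 -req -in "$2.csr" -days 2 -CA "$1.pem" -CAkey "$1.key" \
        -CAcreateserial -out "$2.pem" 2>/dev/null
}

# client_trusts <ca-file> <cert>: the client-side question. Exit status 0
# means the trusted-CA file validates the server certificate.
client_trusts() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# Subject and SHA-256 fingerprint of a certificate, for side-by-side comparison.
ca_subject()     { openssl x509 -noout -subject -in "$1"; }
ca_fingerprint() { openssl x509 -noout -fingerprint -sha256 -in "$1"; }

make_ca "$WORK/old_ca"                     # CA the client imported originally
make_ca "$WORK/new_ca"                     # recreated CA: same name, new key pair
issue_cert "$WORK/new_ca" "$WORK/server"   # LDAP server certificate from the new CA

for ca in old_ca new_ca; do
    ca_subject "$WORK/$ca.pem"
    ca_fingerprint "$WORK/$ca.pem"
    if client_trusts "$WORK/$ca.pem" "$WORK/server.pem"; then
        echo "$ca: server certificate verifies"
    else
        echo "$ca: verification fails, the client would reject the handshake"
    fi
done
```

The two CA certificates print the same subject but different fingerprints, which is why a client that still holds the old CA file fails even though the CA name looks unchanged. Against a live server, the equivalent check is `openssl s_client -connect <host>:636 -CAfile <exported-ca.pem>` and reading the verify return code it reports.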
fix
There is no standardized method to update an LDAP client's trusted list. Here are two examples:
Also, you may want to try creating a new or "test" SSL certificate, since it is possible that the current certificate is invalid or corrupt. Then test one or both of the above methods to prove that LDAP is working properly. For third-party LDAP programs, consult the administration guide or the vendor.
The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
document
Document Title: Can't create a secure connection to the LDAP Server
Document ID: 10089842
Solution ID: NOVL94711
Creation Date: 24Dec2003
Modified Date: 11Feb2005
Novell Product Class: NetWare
disclaimer
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.