11-13-2014 07:06 AM - edited 03-01-2019 11:54 AM
Hello. I successfully configured ldap authorization on my UCS Central machine, but I am unable to upgrade the connection to SSL or TLS. What I did:
When I try to log in to UCS Central via the web with the ldap domain, I get this on the openldap side:
slapd[12638]: conn=1008 fd=19 closed (TLS negotiation failure)
My openldap server gives the correct answer to "openssl s_client -connect openldap.domain.tld:636 -showcerts -state" with the full chain of certificates: the CA certificate, then the server certificate, which is the same as the one I imported to UCS Central. The DNS name of the openldap server in the UCS Central configuration is the same as the CN in the openldap server certificate.
Where is my mistake? How can I debug ldap ssl to the console or syslog from UCS Central for troubleshooting? My UCS Central version is 1.2(1a).
11-17-2014 10:20 AM
Today I deployed a new host with UCS Central and made the same configuration for ldap authorization on this new host. I didn't touch any other options, only the ldap configuration. It works with the SSL checkbox and successfully connects to the same openldap server with the STARTTLS protocol.
So I guess my openldap server is fine and I have something wrong in my current UCS Central config, but I can't discover this issue. How can I do it?
05-08-2017 08:43 AM
raven428c,
Did you ever figure this out?