openldap+ssl配置服务器和客户端的双向认证问题!弄了一个星期了,大神来看看吧!在线等

TLS trace: SSL_connect:SSLv3 read server certificate A
TLS trace: SSL_connect:SSLv3 read server certificate request A
TLS trace: SSL_connect:SSLv3 read server done A
TLS trace: SSL_connect:SSLv3 write client certificate A
TLS trace: SSL_connect:SSLv3 write client key exchange A
TLS trace: SSL_connect:SSLv3 write change cipher spec A
TLS trace: SSL_connect:SSLv3 write finished A
TLS trace: SSL_connect:SSLv3 flush data
TLS trace: SSL3 alert read:fatal:bad certificate
TLS trace: SSL_connect:failed in SSLv3 read finished A
TLS: can't connect: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate.
ldap_err2string
ldap_start_tls: Can't contact LDAP server (-1)
additional info: error:14094412:SSL routines:**SSL3_READ_BYTES:sslv3 alert bad certificate**

服务端的配置文件slapd.conf:
{
                        *******
                        TLSVerifyClient demand
                        *******
}

TLSVerifyClient的参数设为demand后,服务器和客户端的认证就出错了。
设为allow是没有问题的

1个回答

打开证书看一下密钥用法里面有没有客户端验证,换一套证书试一下

Csdn user default icon
上传中...
上传图片
插入图片
抄袭、复制答案,以达到刷声望分或其他目的的行为,在CSDN问答是严格禁止的,一经发现立刻封号。是时候展现真正的技术了!
立即提问
相关内容推荐