{'info': 'error:14077102:SSL routines:SSL23_GET_SERVER_HELLO:unsupported protocol', 'desc': "Can't contact LDAP server"}
Hello,
Above is the error message I get when trying the identical settings seen on the Web GUI of our access server running 2.5.2. (the previous IT Admin lost the root password so I am rebuilding our access server with the new build, yes I already tried every possible way to reset this password).
The new access server is running on CentOS7 & Access server version 2.7.3. I can ping the domain controller & the domain controller can ping the access server. I noticed that TLS was defaulted to 1.2, the other access server was running 1.1. I have already tested trying to have this run on 1.1 from the 2.7.3 and I still received the same failure message. When I disable SSL on the access server, LDAP works.
I would really appreciate some help with this as our licenses need to be transferred to the new server before they can be renewed (this is why I had to rebuild the server).
Thank you.
SSL / LDAP issue, 2.7.3
- novaflash
- OpenVPN Inc.
- Posts: 1073
- Joined: Fri Apr 13, 2012 8:43 pm
Re: SSL / LDAP issue, 2.7.3
Looks like your LDAP server does not support the expected encryption level. Try to ensure your LDAP server supports at least TLS 1.1.
I'm still alive, just posting under the openvpn_inc alias now as part of a larger group.
-
- OpenVpn Newbie
- Posts: 5
- Joined: Tue Apr 23, 2019 7:27 pm
Re: SSL / LDAP issue, 2.7.3
The issue with this is I have an AS server already running on TLS 1.1, here is the output:
root@localhost ~]# openssl s_client -connect 192.168.111.31:636
CONNECTED(00000003)
depth=0
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0
verify error:num=21:unable to verify the first certificate
verify return:1
root@localhost ~]# openssl s_client -connect 192.168.111.31:636
CONNECTED(00000003)
depth=0
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0
verify error:num=21:unable to verify the first certificate
verify return:1