On 04 May 2014, at 7:57 PM, Dustin Rice <dustin@xxxxxxx> wrote: > Oh sure, just the way it was worded I wasn't sure if you were seeing successful SSL connections or just "lots of SSL traffic", which can still be handshake failures. > > Can you successfully perform ldapsearches from serverb to serverc over 636? Yes. Weirdly, serverc returns a referral to serverb and servera, which is unexpected: /usr/bin/ldapsearch -x -H ldaps://serverc.example.com:636 -D "cn=Directory Manager" -W -b "o=Foo,c=ZA" "(objectclass=*)" Enter LDAP Password: # extended LDIF # # LDAPv3 # base <o=Foo,c=ZA> with scope subtree # filter: (objectclass=*) # requesting: ALL # # search result search: 2 result: 10 Referral matchedDN: o=Foo,c=za ref: ldap://serverb.example.com:389/o%3DFoo%2Cc%3Dza ref: ldap://servera.example.com:389/o%3DFoo%2Cc%3Dza # numResponses: 1 serverc contains a manually imported copy of the ldif from servera. Regards, Graham -- -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
