Thanks, this did the trick. Seems the mirrors did not have the updates when I tried to run "dnf upgrade" before posting this. Issue solved. On Mon, Jun 6, 2016 at 1:16 PM, Anthony Messina <amessina@xxxxxxxxxxxx> wrote: > On Monday, June 06, 2016 01:09:21 PM Todor Petkov wrote: >> Hello all, >> >> I have the following setup: >> 2 servers, Centos6, latest 389-ds packets. >> 1 client, Fedora23, SSSD configured >> >> I have upgraded the Fedora recently with the latest packets and I can >> not authenticate any longer. >> In the 389-ds logs I can see the following: >> >> [06/Jun/2016:11:58:36 +0300] conn=1709954 fd=142 slot=142 SSL >> connection from 172.16.18.52 to 172.16.18.254 >> [06/Jun/2016:11:58:36 +0300] conn=1709954 op=-1 fd=142 closed - >> Encountered end of file. >> >> Same is when I run ldapsearch from command line. Search via ldap is >> fine, but ldaps fails. >> >> I have "ldap_tls_reqcert = never" in the sssd.conf, also "TLS_REQCERT >> never" in /etc/openldap/ldap.conf, but it does not help. >> >> Can someone give a hint what else needs to be changed? Other clients >> (Centos/Redhat/Debian machines) are working. >> >> Regards, > > Make sure you have at least nss-3.24.0-1.2.fc23 on your Fedora machines. See > https://bodhi.fedoraproject.org/updates/FEDORA-2016-db48cd10e9 > > -- > Anthony - https://messinet.com/ - https://messinet.com/~amessina/gallery > 8F89 5E72 8DF0 BCF0 10BE 9967 92DC 35DC B001 4A4E > > -- > 389-users mailing list > 389-users@xxxxxxxxxxxxxxxxxxxxxxx > https://lists.fedoraproject.org/admin/lists/389-users@xxxxxxxxxxxxxxxxxxxxxxx > -- 389-users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://lists.fedoraproject.org/admin/lists/389-users@xxxxxxxxxxxxxxxxxxxxxxx
