Uploaded image for project: 'Directory'
  1. Directory
  2. DIR-185

ldaps not working with gpg

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • miscellaneous
    • None
    • cygwin gpg (GnuPG) 1.4.1

    Description

      when doing

      myPc> gpg --keyserver ldaps://localhost:2636 --search micky -v
      gpg: searching for "micky -v" from ldaps server localhost
      gpgkeys: unable to retrieve LDAP base: Can't contact LDAP server
      gpg: key "micky -v" not found on keyserver
      gpg: keyserver internal error
      gpg: keyserver search failed: keyserver error

      on the server-side, I see

      <<7594 [IoThreadPool-1] INFO org.apache.directory.server.ldap.LdapProtocolProvider$LdapProtocolHandler - [/127.0.0.1:1808] OPENED
      8016 [IoThreadPool-1] INFO org.apache.directory.server.ldap.LdapProtocolProvider$LdapProtocolHandler - [/127.0.0.1:1808] CLOSED
      8016 [IoThreadPool-1] ERROR org.apache.directory.server.ldap.LdapProtocolProvider$LdapProtocolHandler - [/127.0.0.1:1808] EXCEPTION:
      javax.net.ssl.SSLHandshakeException: Initial SSL handshake failed.
      at org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:422)
      at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:494)
      at org.apache.mina.common.support.AbstractIoFilterChain.access$1000(AbstractIoFilterChain.java:52)
      at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:761)
      at org.apache.mina.filter.ThreadPoolFilter.processEvent(ThreadPoolFilter.java:665)
      at org.apache.mina.filter.ThreadPoolFilter$Worker.processEvents(ThreadPoolFilter.java:421)
      at org.apache.mina.filter.ThreadPoolFilter$Worker.run(ThreadPoolFilter.java:376)
      Caused by: javax.net.ssl.SSLException: Received fatal alert: unknown_ca
      at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:166)
      at com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1352)
      at com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1320)
      at com.sun.net.ssl.internal.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1482)
      at com.sun.net.ssl.internal.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:957)
      at com.sun.net.ssl.internal.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:782)
      at com.sun.net.ssl.internal.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:674)
      at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:566)
      at org.apache.mina.filter.support.SSLHandler.unwrapHandshake(SSLHandler.java:675)
      at org.apache.mina.filter.support.SSLHandler.handshake(SSLHandler.java:492)
      at org.apache.mina.filter.support.SSLHandler.messageReceived(SSLHandler.java:291)
      at org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:390)
      ... 6 more>>

      it would be great to know what ca gpg is presenting or what other measures would make this work...

      Attachments

        Activity

          People

            akarasulu Alex Karasulu
            ralfhauser Ralf Hauser
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: