[Freeipa-users] netapp unable to do ldap lookups over ssl to RHEL 7.2 ipa server
Roderick Johnstone
rmj at ast.cam.ac.uk
Thu Jan 28 12:51:37 UTC 2016
Hi
My netapp filer is happily doing ldap over ssl lookups for account
information to my RHEL 6.7 testing ipa server
(ipa-server-3.0.0-47.el6_7.1.x86_64).
However, when I switch the filer to use my RHEL 7.2 ipa server
(ipa-server-4.2.0-15.el7_2.3.x86_64) the lookup doesn't work.
In the dirsrv log file I see entries like this:
[28/Jan/2016:09:17:45 +0000] conn=1338 fd=112 slot=112 SSL connection from xxx.xxx.xxx.xxx to yyy.yyy.yy.yyy
[28/Jan/2016:09:17:45 +0000] conn=1338 op=-1 fd=112 closed - Cannot communicate securely with peer: no common encryption algorithm(s).
(xxx.xxx.xxx.xxx is the filer ip address and yyy.yyy.yyy.yyy is the ipa
server ip address).
Looking in the ldap directory for fields with cipher in the name shows a
very different set of nssslenabledciphers between the two ipa-server
versions.
I wonder if this might be the issue?
Can the ldap server tell me what ciphers it's being requested to use by
the filer?
Thanks
Roderick Johnstone