Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

NLDAP and SSL 636 port service not listen

152 views
Skip to first unread message

fish yang

unread,
Oct 12, 2004, 11:59:39 PM10/12/04
to
My Environment is Novell Netware 6.0 SP2 system and e-Directoy 8.7.0
install NW6SP5 completed,but 636 port doesn't listen.
In Server console use TCPCON look protocol information didn't find 636 port
listening.
But we were try to reboot server,but didn't have any error message of SSL
or reload nldap ,restart sas, pkidiag to confirm PKI is no problem.
Server 389, 427, 524, 80, 8008, port all listening .
How can I do let the 636 port listening on NLDAP server???

Thank.


AndersG

unread,
Oct 13, 2004, 3:05:16 AM10/13/04
to
Fish yang,

> But we were try to reboot server,but didn't have any error message of SSL
> or reload nldap ,restart sas, pkidiag to confirm PKI is no problem.
> Server 389, 427, 524, 80, 8008, port all listening .
> How can I do let the 636 port listening on NLDAP server???

Do this:
LOAD DSTRACE
DSTRACE -ALL
DSTRACE +LDAP
DSTRACE FILE ON

Then unload and load NLDAP. Look at DSTRACE.LOG. See anything there? BTW,
you have specified a secure listening port and centificate in the LDAP
Server/Group object?

- Anders Gustafsson, Engineer, CNE6, ASE
NSC Volunteer Sysop (http://support-forums.novell.com)
Pedago, The Aaland Islands (N60 E20)
Using VA 4.52 build 277 (32-bit) on Windows 2000 build 2195

fish yang

unread,
Oct 14, 2004, 5:54:08 AM10/14/04
to
My Server name "NDS01" the is LDAP Server and LDAP Group configuration.

LDAP Server:
TLS/SSL Configuration
TLS(SSL) Prot : 636 Enable
Server Certificate : SSL CertificateNDS-NDS01
Client Certificate : Not Requested

LDAP Group:
Server List
LDAP Server List : LDAP Server-NDS01.service.TPC (Only NDS01 Server)


DSTrace log file

LDAP v3 for Novell eDirectory 8.7.0 v10410.57 stopped
Duplicate LDAP attribute name: "groupID" (ignored)
LDAP v3 for Novell eDirectory 8.7.0 v10410.57 started

SSL_CTX_use_KMO failed. Error stack: error:2612D200:KMO support
routines:SSL_CTX_use_KMO:NPKI libraries are not available

SSL_CTX_use_KMO failed. Error stack: error:2612D200:KMO support
routines:SSL_CTX_use_KMO:NPKI libraries are not available

Failed to resolve full context on connection 0x8155c400, err = no such entry
(-601)

Failed to authenticate full context on connection 0x8155c400, err = no such
entry (-601)

Failed to resolve full context on connection 0x8155c400, err = no such entry
(-601)

Failed to authenticate full context on connection 0x8155c400, err = no such
entry (-601)

Failed to authenticate local on connection 0x8155c880, err = failed
authentication (-669)

Failed to authenticate local on connection 0x8155c880, err = failed
authentication (-669)

Cannot resolve NDS name 'T=TPC_TREE' in ResolveAndAuthNDSName, err = no such
entry (-601)

Failed to authenticate local on connection 0x919394c0, err = failed
authentication (-669)

DDCModifyEntry failed, err = no such value (-602)

AndersG

unread,
Oct 14, 2004, 10:43:42 AM10/14/04
to
Fish yang,

> SSL_CTX_use_KMO failed. Error stack: error:2612D200:KMO support
> routines:SSL_CTX_use_KMO:NPKI libraries are not available
>
Start by fixing this:
http://support.novell.com/cgi-bin/search/searchtid.cgi?/10088183.htm

fish yang

unread,
Oct 14, 2004, 12:40:29 PM10/14/04
to
Dear Anders:

Can using NW6.5 NPKIT.NLM and NPKIAPI.NLM on NW6.0 ?? or updata my server
e-Directory for 8.7.3.

"AndersG" <dal...@nomail.to.me> ??? news:VA.00000c5...@nomail.to.me
???...

fish yang

unread,
Oct 14, 2004, 9:41:20 PM10/14/04
to
My Server now SP5

> Why are you on SP2? Try applying the latest servicepack to 6.0 first

AndersG

unread,
Oct 15, 2004, 2:52:06 AM10/15/04
to
Fish yang,
> My Server now SP5
>
And did it help?

fish yang

unread,
Oct 19, 2004, 3:14:56 AM10/19/04
to
Dear Anders,
Thank you help.

"AndersG" <dal...@nomail.to.me> ??? news:VA.00000c6...@nomail.to.me
???...

0 new messages