directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Shawn McKinney <>
Subject Re: [ApacheDS] Cannot establish TLS connection between spring-ldap client and apacheds
Date Wed, 26 Jul 2017 13:58:02 GMT

> On Jul 26, 2017, at 3:19 AM, John Lee <> wrote:
> I'm having a problem establishing a LDAPS connection between spring-ldap
> client and apacheDS. Details are provided on stackoverflow, as this is the
> official forum for spring-ldap and I assume the problem is client-side:

Nice writeup on overflwo.  This error jumped out at me:
Thread-8, handling exception: Unsupported record version Unknown-38.2
%% Invalidated:  [Session-1, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384]
Thread-8, SEND TLSv1.2 ALERT:  fatal, description = unexpected_message

for which I googled:
" Unsupported record version Unknown-38.2
%% Invalidated”

and found some hits.  Have you chased those down?

The other thing you can try is connecting with the Apache LDAP API instead of spring ldap.
 I am not suggesting that spring ldap’s apis are broken on TLS.  I’m saying that’s apacheds
+ its own ldap api are a combination that has been tested by us here and we’re going to
have better support for you.

There’s some doc about the api and crypto stuff here:

Oh and welcome to the list.  Good luck.

View raw message