SSL connection CA LDAP on RACF system getting a connect error TLSProtocolMin tls1.2

Article ID: 143587

Products

CA ACF2, CA ACF2 - DB2 Option, CA ACF2 for zVM, CA ACF2 - z/OS, CA ACF2 - MISC

Issue/Introduction

CA LDAP Server on RACF LPAR connecting to CA IDM

TLSProtocolMin tls1.2 specified in slapd.conf

The error message at the end of the stderr file shows:
TLS: can't accept: SSL protocol or certificate type is not supported.

Environment

Release : 16.0

Component : CA ACF2 for z/OS

Resolution

With the following statement in your slapd.conf:

TLSProtocolMin tls1.2

the stderr file shows:

TLS: can't accept: SSL protocol or certificate type is not supported.

This is related to the connected server's certificate not being TLS 1.2 or above compliant.
You can check this by removing (or commenting out) the TLSProtocolMin statement,
or by ensuring that the server certificate is signed at TLS 1.2 or above.