LDAP can't scan TLS ciphers

Article ID: 189034


Products

Top Secret Top Secret - LDAP WEB ADMINISTRATOR FOR TOP SECRET

Issue/Introduction

In slapd.conf, multiple cipher suites are defined, each on its own TLSCipherSuite line, but LDAP uses only the last one listed. The following cipher suites are defined:

 

TLSCipherSuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLSCipherSuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLSCipherSuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLSCipherSuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLSCipherSuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384  
TLSCipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 

What is needed for LDAP to read all the defined Cipher Suites? 

 

Environment

Release : 15.1

Component : LDAP Server

Resolution

All cipher suites must be listed on a single TLSCipherSuite line, separated by colons.

Example:

TLSCipherSuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

Also, make sure that the PTF SO11230 is applied.
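The following is an added example, not part of the original article or vendor code: a small Python audit that finds repeated TLSCipherSuite lines in slapd.conf text, reports which suites are actually in effect (the last line only, as described above), and rewrites them into one colon-separated directive. The function names and the sample text are hypothetical; the sample is constructed from the configuration shown in this article.

```python
import re

# Constructed sample mirroring the configuration shown in this article.
SAMPLE_CONF = """\
TLSCipherSuite TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLSCipherSuite TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLSCipherSuite TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLSCipherSuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLSCipherSuite TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
TLSCipherSuite TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
"""
# Commented-out directives ("# TLSCipherSuite ...") do not match this pattern.
DIRECTIVE = re.compile(r"^\s*TLSCipherSuite\s+(\S+)")

def audit_cipher_suites(conf_text):
    """Return (per-line directives, suites in effect, merged directive line)."""
    found = []  # (line number, [suite names]) for every TLSCipherSuite line
    for lineno, line in enumerate(conf_text.splitlines(), start=1):
        m = DIRECTIVE.match(line)
        if m:
            found.append((lineno, [s for s in m.group(1).split(":") if s]))
    # Per the article, only the last TLSCipherSuite line takes effect.
    effective = found[-1][1] if found else []
    # Merge every line in file order, dropping duplicates but keeping order.
    merged = list(dict.fromkeys(s for _, suites in found for s in suites))
    merged_line = "TLSCipherSuite " + ":".join(merged) if merged else ""
    return found, effective, merged_line

def rewrite_conf(conf_text):
    """Replace repeated TLSCipherSuite lines with one merged line."""
    found, _, merged_line = audit_cipher_suites(conf_text)
    if len(found) <= 1:
        return conf_text  # nothing to merge
    drop = {n for n, _ in found}
    out = []
    for lineno, line in enumerate(conf_text.splitlines(), start=1):
        if lineno == found[0][0]:
            out.append(merged_line)  # merged directive goes where the first one was
        elif lineno not in drop:
            out.append(line)  # unrelated configuration is kept untouched
    return "\n".join(out) + "\n"

if __name__ == "__main__":
    found, effective, merged_line = audit_cipher_suites(SAMPLE_CONF)
    print(f"{len(found)} TLSCipherSuite lines; in effect: {effective}")
    print(rewrite_conf(SAMPLE_CONF), end="")
```

Review the merged list before deploying it, since every suite on the line becomes negotiable once the server reads the whole directive.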

Additional Information

TLSCipherSuite Techdoc