Bug 51645 - ldap_start_tls: Can't contact LDAP server (-1) in 40_ssl/10ssl
ldap_start_tls: Can't contact LDAP server (-1) in 40_ssl/10ssl
Status: NEW
Product: UCS
Classification: Unclassified
Component: System setup
UCS 5.0
Other Linux
: P5 normal (vote)
: ---
Assigned To: UCS maintainers
UCS maintainers
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2020-07-08 10:36 CEST by Florian Best
Modified: 2020-08-14 09:06 CEST (History)
1 user (show)

See Also:
What kind of report is it?: Development Internal
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Florian Best univentionstaff 2020-07-08 10:36:42 CEST
setup.log contains errors:

=== 40_ssl/10ssl (2020-07-08 01:34:47) ===
__NAME__:40_ssl/10ssl Erstellen der SSL-Zertifikate
__STEPS__:10
__STEP__:2
__MSG__:Sichern der alten SSL-Zertifikate
Wed Jul  8 01:34:48 CEST 2020
__STEP__:5
__MSG__:Erstellen des SSL CA-Zertifikates.
Generating RSA private key, 2048 bit long modulus (2 primes)
e is 65537 (0x010001)
Clearing symlinks in /etc/ssl/certs...
done.
Updating certificates in /etc/ssl/certs...
129 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
Getting request Private Key
Generating certificate request
Using configuration from /etc/univention/ssl/openssl.cnf
__STEP__:7
__STEP__:9
Job for slapd.service failed because the control process exited with error code.
See "systemctl status slapd.service" and "journalctl -xe" for details.
â—<8f> slapd.service - LSB: OpenLDAP standalone server (Lightweight Directory Access Protocol)
   Loaded: loaded (/etc/init.d/slapd; generated)
   Active: failed (Result: exit-code) since Wed 2020-07-08 01:34:51 CEST; 10ms ago
    ›Docs: man:systemd-sysv-generator(8)
  Process: 25375 ExecStart=/etc/init.d/slapd start (code=exited, status=1/FAILURE)
Jul 08 01:34:51 master091 slapd[25386]: DIGEST-MD5 common mech free
Jul 08 01:34:51 master091 slapd[25386]: DIGEST-MD5 common mech free
Jul 08 01:34:51 master091 slapd[25386]: slapd stopped.
Jul 08 01:34:51 master091 slapd[25386]: connections_destroy: nothing to destroy.
Jul 08 01:34:51 master091 slapd[25375]: Starting ldap server(s): slapd ...failed.
Jul 08 01:34:51 master091 slapschema[25389]: DIGEST-MD5 common mech free
Jul 08 01:34:51 master091 slapd[25375]: .
Jul 08 01:34:51 master091 systemd[1]: slapd.service: Control process exited, code=exited, status=1/FAILURE
Jul 08 01:34:51 master091 systemd[1]: slapd.service: Failed with result 'exit-code'.
Jul 08 01:34:51 master091 systemd[1]: Failed to start LSB: OpenLDAP standalone server (Lightweight Directory Access Protocol).
__STEP__:10
Creating certificate: master091.AutoTest091.local
ldap_start_tls: Can't contact LDAP server (-1)
ldap_start_tls: Can't contact LDAP server (-1)
ldap_start_tls: Can't contact LDAP server (-1)
ldap_start_tls: Can't contact LDAP server (-1)
ldap_start_tls: Can't contact LDAP server (-1)
ldap_start_tls: Can't contact LDAP server (-1)
ldap_start_tls: Can't contact LDAP server (-1)
ldap_start_tls: Can't contact LDAP server (-1)
ldap_start_tls: Can't contact LDAP server (-1)
ldap_start_tls: Can't contact LDAP server (-1)
ldap_start_tls: Can't contact LDAP server (-1)
Generating RSA private key, 2048 bit long modulus (2 primes)
Comment 1 Florian Best univentionstaff 2020-07-08 21:46:16 CEST
[master091] 2020-07-08T18:56:01.090550	Jul 08 18:54:37 unassigned-hostname slapd[22090]: /etc/ldap/slapd.conf: line 66: <suffix> invalid DN 21 (Invalid syntax)
Comment 2 Florian Best univentionstaff 2020-07-09 09:35:33 CEST
root: /etc/init.d/slapd start (pid: 25386, ppid:    1 systemd)
slapd[25404]: @(#) $OpenLDAP: slapd  (Jun  9 2020 16:35:41) $#012#011Debian OpenLDAP Maintainers <pkg-openldap-devel@lists.alioth.debian.org>
slapd[25404]: main: TLS init def ctx failed: -1
slapd[25386]: Starting ldap server(s): slapd ...failed.
Comment 3 Nico Gulden univentionstaff 2020-08-13 15:49:47 CEST
Users receive the same error upon uploading a license to their virtual machine. See Ticket#2020061421000387.
Comment 4 Florian Best univentionstaff 2020-08-13 15:52:45 CEST
(In reply to Nico Gulden from comment #3)
> Users receive the same error upon uploading a license to their virtual
> machine. See Ticket#2020061421000387.
That's a different issue. Better create another bug for it.
Comment 5 Nico Gulden univentionstaff 2020-08-14 09:06:06 CEST
OK. Thanks for the clarification. I opened https://forge.univention.org/bugzilla/show_bug.cgi?id=51820.