openssl 与 ldap 服务器的连接问题

tag-icon tag-icon ubuntu docker openssl ldap
openssl 与 ldap 服务器的连接问题

我在 docker 容器(Ubuntu 20.04)中运行以下命令:

openssl s_client -debug -connect ldap-server-name:3269 < /dev/null

大多数情况下,它返回:

CONNECTED(00000003)
write to 0x55c975d33ba0 [0x55c975d43f10] (312 bytes => 312 (0x138))
0000 - 16 03 01 01 33 01 00 01-2f 03 03 1e 83 2c 88 a7   ....3.../....,..
0010 - 10 97 7c da 98 a2 69 6b-f3 24 55 c6 ed e4 d8 b7   ..|...ik.$U.....
0020 - 44 6a 9b 52 b9 10 ab 07-16 d0 dc 20 37 79 42 19   Dj.R....... 7yB.
0030 - 16 9a e1 09 16 93 e7 dc-4f ef e3 18 46 8f 57 a0   ........O...F.W.
0040 - 6f 6d 75 69 49 49 05 f1-74 64 ef 99 00 3e 13 02   omuiII..td...>..
0050 - 13 03 13 01 c0 2c c0 30-00 9f cc a9 cc a8 cc aa   .....,.0........
0060 - c0 2b c0 2f 00 9e c0 24-c0 28 00 6b c0 23 c0 27   .+./...$.(.k.#.'
0070 - 00 67 c0 0a c0 14 00 39-c0 09 c0 13 00 33 00 9d   .g.....9.....3..
0080 - 00 9c 00 3d 00 3c 00 35-00 2f 00 ff 01 00 00 a8   ...=.<.5./......
0090 - 00 00 00 19 00 17 00 00-14 67 6c 75 65 2e 73 79   .........ldap-se
00a0 - 73 74 65 6d 73 2e 75 6b-2e 68 73 62 63 00 0b 00   rver-name.......
00b0 - 04 03 00 01 02 00 0a 00-0c 00 0a 00 1d 00 17 00   ................
00c0 - 1e 00 19 00 18 00 23 00-00 00 16 00 00 00 17 00   ......#.........
00d0 - 00 00 0d 00 2a 00 28 04-03 05 03 06 03 08 07 08   ....*.(.........
00e0 - 08 08 09 08 0a 08 0b 08-04 08 05 08 06 04 01 05   ................
00f0 - 01 06 01 03 03 03 01 03-02 04 02 05 02 06 02 00   ................
0100 - 2b 00 05 04 03 04 03 03-00 2d 00 02 01 01 00 33   +........-.....3
0110 - 00 26 00 24 00 1d 00 20-d4 b5 26 30 02 9c 16 95   .&.$... ..&0....
0120 - 15 00 4b 22 ac f7 74 66-b7 ac 76 d2 a2 4e f9 54   ..K"..tf..v..N.T
0130 - 4d 4f 9c f6 c0 e4 b3 70-                          MO.....p
read from 0x55c975d33ba0 [0x55c975d3ac73] (5 bytes => 0 (0x0))
write:errno=0
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 312 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
read from 0x55c975d33ba0 [0x55c975d28f80] (8192 bytes => 0 (0x0))

偶尔(比如说五次中一次),它会返回关于 ldap 服务器的完整信息,比如“证书链”和“服务器证书等”。

在 Windows 主机上,该命令运行正常。

我该如何排除故障?

相关内容