I have been searching for quite some time for the cause of an SSL error in my setup.
We have an HAProxy in TCP mode which connects to another HAProxy in TCP mode, which in the backend connects to an LDAP server.
- The first HAProxy server is only used to forward the traffic to the 2nd HAProxy, which binds to port 636; this is done due to a network limitation on the client end.
The configuration is as below:
```
server <second_haproxy_server>:636 ssl check verify none inter 12000 rise 3 fall 3
```
- The second HAProxy binds to 636 and connects to the LDAP backend servers on port 635. The config is as below:
```
server <ldapserver1_ip>:635 check port 5434 inter 12000 rise 3 fall 3
server <ldapserver2_ip>:635 check port 5434 inter 12000 rise 3 fall 3
```
But when we perform an ldapsearch we get `ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)`.
And when we perform an openssl test, no certificates are passed. I am not sure what is wrong here; could someone please help?
```
[root@host~]# openssl s_client -showcerts -verify 5 -connect <first_haproxy>:636
verify depth is 5
no peer certificate available
No client certificate CA names sent
SSL handshake has read 0 bytes and written 289 bytes
```
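A way to narrow down where in the chain TLS stops, as an added example that is not part of the original post: the same `openssl s_client` probe is run against each hop (first HAProxy:636, second HAProxy:636, LDAP:635) and its output is classified, so the hop that returns no TLS bytes at all (the "read 0 bytes" symptom above) can be told apart from one that presents a certificate. Host names and the sample output are placeholders and constructed data.

```shell
#!/bin/sh
# Added example (not from the original post). Classifies `openssl s_client`
# output so every hop of a TCP-mode HAProxy chain can be probed the same way.

# Read s_client output on stdin and print one of:
#   cert-presented   the peer completed a handshake and sent a certificate
#   no-tls-reply     the peer sent no TLS bytes back ("read 0 bytes"); the
#                    port on that hop is not answering as a TLS server
#   handshake-failed TLS bytes came back but no certificate was obtained
classify_handshake() {
    out=$(cat)
    if printf '%s\n' "$out" | grep -q -- '-----BEGIN CERTIFICATE-----'; then
        echo cert-presented
    elif printf '%s\n' "$out" | grep -q 'SSL handshake has read 0 bytes'; then
        echo no-tls-reply
    else
        echo handshake-failed
    fi
}

# Probe a single hop: connect, send nothing, classify what the peer returned.
# Usage: probe_hop <host> <port>
probe_hop() {
    host=$1
    port=$2
    printf 'Q\n' | openssl s_client -showcerts -connect "$host:$port" 2>&1 \
        | classify_handshake
}

# Probe each hop of the chain described in the post (placeholder hosts).
probe_chain() {
    for hop in "first_haproxy:636" "second_haproxy:636" "ldapserver1_ip:635"; do
        printf '%s -> %s\n' "$hop" "$(probe_hop "${hop%%:*}" "${hop##*:}")"
    done
}

# Constructed sample reproducing the symptom shown in the post, for offline use.
SAMPLE_NO_REPLY='verify depth is 5
no peer certificate available
No client certificate CA names sent
SSL handshake has read 0 bytes and written 289 bytes'
```

Running `probe_chain` from a host that can reach all three addresses shows the first hop that reports `no-tls-reply`, which is the hop whose bound port is not speaking TLS to its client.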