Details
-
Bug
-
Resolution: Fixed
-
Major
-
7.1.0
-
Untriaged
-
0
-
Unknown
Description
Problem
The error messages in the UI are misleading and are lacking information
Here are the three situation:
- Using startls the error message is 'Failed to use StartTLS extension'
The error in the logs is a little more useful with:
=========================NOTICE REPORT=========================
|
TLS client: In state wait_cert_cr at ssl_handshake.erl:2017 generated CLIENT ALERT: Fatal - Handshake Failure
|
- {bad_cert,hostname_check_failed}
|
[ns_server:error,2023-02-16T11:40:09.467Z,ns_1@127.0.0.1:<0.28159.16>:ldap_util:with_connection:159]LDAP TLS start failed: {tls_alert,
|
{handshake_failure,
|
"TLS client: In state wait_cert_cr at ssl_handshake.erl:2017 generated CLIENT ALERT: Fatal - Handshake Failure\n {bad_cert,hostname_check_failed}"}}
|
Now the same setup but using the TLS port 636, the error message is 'Can't connect to the server'
That suggests there is a network error but if we look at the logs the problem is the same as before:
[error_logger:info,2023-02-16T11:42:03.237Z,ns_1@127.0.0.1:<0.328.17>:ale_error_logger_handler:do_log:101]
|
=========================NOTICE REPORT=========================
|
TLS client: In state wait_cert_cr at ssl_handshake.erl:2017 generated CLIENT ALERT: Fatal - Handshake Failure
|
- {bad_cert,hostname_check_failed}
|
[ns_server:error,2023-02-16T11:42:03.238Z,ns_1@127.0.0.1:<0.32518.16>:ldap_util:with_connection:166]Connect to ldap ["localhost"] (port: 636, SSL: true} failed: "connect failed"
|
For example if I configure it to connect to the wrong port it's the same error in the UI:
The logs just have the following message:
[ns_server:error,2023-02-16T11:44:58.408Z,ns_1@127.0.0.1:<0.7389.17>:ldap_util:with_connection:166]Connect to ldap ["localhost"] (port: 100, SSL: true} failed: "connect failed"
|
Expectation
For a better error message to be passed back to the user.
Attachments
Issue Links
- relates to
-
MB-54741 Improved Certificate Validation and Reporting
-
- Open
-