← Back to team overview

ubuntu-389-directory-server team mailing list archive

[Bug 1730039] Re: 389-console fails to connect with TLSv1.2


I'm still running into this problem on  18.04.2 LTS.  Is there some
fix/workaround other than downgrading to an old version of java?  for a
variety of other reasons, that's not an option for me.

You received this bug notification because you are a member of Ubuntu
389 Directory Server, which is subscribed to 389-console in Ubuntu.

  389-console fails to connect with TLSv1.2

Status in 389-console package in Ubuntu:
Status in jss package in Ubuntu:

Bug description:
  389-console on Ubuntu 17.10 fails to connect to an instance of dirsrv-
  admin that has been configured to allow only TLSv1.2 connections
  (389-console on Ubuntu 17.04 works fine against the same instance).

  389-console -D 9 debug shows the following error:

  Unable to create ssl socket
  org.mozilla.jss.ssl.SSLSocketException: SSL_VersionRangeSetDefault() for variant=0 with min=768 max=770 out of range (769:772): 0: (0) Unknown error
  	at org.mozilla.jss.ssl.SSLSocket.setSSLVersionRangeDefault(Native Method)
  	at org.mozilla.jss.ssl.SSLSocket.setSSLVersionRangeDefault(SSLSocket.java:1398)
  	at com.netscape.management.client.comm.HttpsChannel.open(Unknown Source)
  	at com.netscape.management.client.comm.CommManager.send(Unknown Source)
  	at com.netscape.management.client.comm.HttpManager.get(Unknown Source)
  	at com.netscape.management.client.console.Console.invoke_task(Unknown Source)
  	at com.netscape.management.client.console.Console.authenticate_user(Unknown Source)
  	at com.netscape.management.client.console.Console.<init>(Unknown Source)
  	at com.netscape.management.client.console.Console.main(Unknown Source)

  Downgrading the libjss-java package to version 4.3.1-7build1 from
  Ubuntu 17.04 fixes the problem.

To manage notifications about this bug go to: