sssd.service logging: Could not start TLS encryption. unknown error
Issue
- sssd.service fails, with the following shown in systemctl status sssd.service:

    sssd.service sssd[be[domain]][PID]: Could not start TLS encryption. unknown error

- sssd fails with the following in the sssd logs:

    [be[example]] [sdap_uri_callback] (0x0400): Constructed uri 'ldaps://ldap.example.com:636'
    [be[example]] [sssd_async_socket_init_send] (0x4000): Using file descriptor [18] for the connection.
    [be[example]] [sssd_async_socket_init_send] (0x0400): Setting 6 seconds timeout for connecting
    [be[example]] [be_ptask_execute] (0x0400): Task [enumeration]: executing task, timeout 300 seconds
    [be[example]] [sdap_id_op_connect_step] (0x4000): waiting for connection to complete
    [be[example]] [sss_ldap_init_sys_connect_done] (0x0020): ldap_install_tls failed: [Connect error] [unknown error]
    [be[example]] [sss_ldap_init_state_destructor] (0x0400): calling ldap_unbind_ext for ldap:[0x2aa4d845090] sd:[18]
    [be[example]] [sss_ldap_init_state_destructor] (0x0400): closing socket [18]
    [be[example]] [sdap_sys_connect_done] (0x0020): sdap_async_connect_call request failed: [5]: Input/output error.
    [be[example]] [sdap_handle_release] (0x2000): Trace: sh[0x2aa4db584d0], connected[0], ops[(nil)], ldap[(nil)], destructor_lock[0], release_memory[0]
    [be[example]] [_be_fo_set_port_status] (0x8000): Setting status: PORT_NOT_WORKING. Called from: src/providers/ldap/sdap_async_connection.c: sdap_cli_connect_done: 1605
Environment
- Red Hat Enterprise Linux (RHEL) 7
  - Between sssd-1.16.4-37.el7_8.1 and sssd-1.16.5-10.el7_9.7.
- Red Hat Enterprise Linux (RHEL) 8
  - sssd-2.0.0-43.el8 or later