SSL Error Adding Solaris Platform to Identity Manager Fan-Out Driver

  • 7003978
  • 27-Jul-2009
  • 26-Apr-2012

Environment

Novell Identity Manager 3.5.1
Novell Identity Manager 3.6
Novell Identity Manager Driver - Linux and UNIX - Fan Out

Situation

When trying to install the Solaris Platform Receiver, an SSL error happens.  Often an error such as the following will show in the debug trace on the platform side.
2009-07-24 12:59:34  [2644@1]: (network_tcpip_ssl) tcp_ssl_connect: starting
2009-07-24 12:59:34  [2644@1]: (network_tcpip_ssl) tcp_ssl_connect: could not make SSL connect (clean shutdown), error = 1
2009-07-24 12:59:34  [2644@1]: (network_tcpip_ssl) Printing SSL error queue:
2009-07-24 12:59:34  [2644@1]: (network_tcpip_ssl) SSL error:140943FC:SSL routines:SSL3_READ_BYTES:sslv3 alert bad record mac
2009-07-24 12:59:34  [2644@1]: (network_tcpip_ssl) tcp_ssl_destroy: starting
2009-07-24 12:59:34  [2644@1]: (network_tcpip_ssl) tcp_ssl_close: starting
2009-07-24 12:59:34  [2644@1]: (network_tcpip_ssl) tcp_ssl_close: ending
2009-07-24 12:59:34  [2644@1]: (network_tcpip_ssl) tcp_ssl_destroy: ending, errno = 9
 
Nothing shows in the operational logs or debug traces on the Fan-Out core driver side.

Resolution

The key error message is SSL3_READ_BYTES:sslv3 alert bad record
This is a problem that was caused by a Solaris compile bug that has been fixed by a work around in the IDM 3.6.1 version of the Fan-Out driver.