search

open-eid / DigiDoc4-Client

DigiDoc4 Client is an application for digitally signing and encrypting documents; the software includes functionality to manage Estonian ID-card - change pin codes etc.
https://www.id.ee/en/article/install-id-software/
Other
116 stars 41 forks source link

LDAPS Handshake Failure #1223

Closed zbalkan closed 6 months ago

zbalkan commented 8 months ago

Summary

DigiDoc Client fails to search users

Version: 4.4.0.4447 (64 bit)

Steps to reproduce

Client error message

image

Wireshark capture

image

Version

image

zbalkan commented 8 months ago

The diagnostics:

Locale: English / 1252 (ANSI - Latin I)
User rights: Administrator
Application version: 4.4.0.4447 (64 bit)
OS: Windows 10 19045 (x86_64/x86_64)

Libraries:
QT (6.5.1)
OpenSSL build (OpenSSL 3.0.7 1 Nov 2022)
OpenSSL current (OpenSSL 3.0.9 30 May 2023)
digidocpp (3.16.0.1442)
qdigidoc4.exe (4.4.0.4447)
esteidcm (3.12.2.158)
EstIDMinidriver64 (1.2.4.0)
onepin-opensc-pkcs11 (0.21.0.0)
libcrypto-3-x64 (3.0.9.0)
libssl-3-x64 (3.0.9.0)
zlib1 (1.2.13.0)
xerces-c_3_2 (3.2.4.0)
xalan-c_1_12 (1.12.0.0)
xalanmessages_1_12 (1.12.0.0)
xsec_2_0 (2.0.4.0)
advapi32 (10.0.19041.3570)
crypt32 (10.0.19041.3570)
winscard (10.0.19041.3570)

ATRfiltr service status: Running
Certificate Propagation service status: Running
Arguments: C:\Program Files\WindowsApps\RiigiInfossteemiAmet.DigiDoc4client_4.4.0.0_x64__3710fbsnk4d74\qdigidoc4.exe
Library paths: C:/Program Files/WindowsApps/RiigiInfossteemiAmet.DigiDoc4client_4.4.0.0_x64__3710fbsnk4d74
URLs:
CONFIG_URL: https://id.eesti.ee/config.json
SID-PROXY-URL: https://eid-dd.ria.ee/sid/v1
SIDV2-PROXY-URL: https://eid-dd.ria.ee/sid/v2
SID-SK-URL: https://rp-api.smart-id.com/v1
SIDV2-SK-URL: https://rp-api.smart-id.com/v2
MID-PROXY-URL: https://eid-dd.ria.ee/mid
MID-SK-URL: https://mid.sk.ee/mid-api
RPUUID: is set by default
TSL_URL: https://ec.europa.eu/tools/lotl/eu-lotl.xml
TSA_URL: https://eid-dd.ria.ee/ts
SIVA_URL: https://siva.eesti.ee/V3/validate
CDOC2:
CDOC2-DEFAULT: false
CDOC2-USE-KEYSERVER: true
CDOC2-DEFAULT-KEYSERVER: 00000000-0000-0000-0000-000000000000

TSL signing certs:
Patrick Kremer (Signature)
European Commission
European Commission
JEROEN ARNOLD L RATHE
APOSTOLOS APLADAS
CONSTANTIN-ADRIAN CROITORU

TSL cache:
EE.xml (62)
eu-lotl.xml (332)

Central Configuration:
DATE: 20231018055115Z
SERIAL: 163
URL: https://id.eesti.ee/config.json
VER: 1

Smart Card service status: Running
Smart Card readers:
Alcorlink USB Smart Card Reader 0
Reader state: CHANGED, UNAVAILABLE
Smart Card reader drivers:
Alcorlink USB Smart Card Reader (USB\VID_058F&PID_9540&REV_0120)

Browsers:
Microsoft Edge (118.0.2088.46)
Microsoft Edge WebView2 Runtime (118.0.2088.46)
Mozilla Firefox (x64 en-US) (118.0.2)
Google Chrome (118.0.5993.72)
Internet Explorer (11.3570.19041.0)

and the logs:

2023-10-19T11:17:09Z D [File.cpp:311] - Created directory or direcotry exists 'C:\Users\<username>\AppData\Roaming\digidocpp\tsl'
2023-10-19T11:17:09Z D [TSL.cpp:285] - TSL eu-lotl.xml (332) signature is valid
2023-10-19T11:17:09Z D [TSL.cpp:285] - TSL EE.xml (62) signature is valid
2023-10-19T11:17:09Z I [X509CertStore.cpp:63] - Loaded 54 certificates into TSL certificate store.
kristelmerilain commented 6 months ago

Please send more detailed info (reference to this github issue and add DigiDoc4 Client logs) to the ID-helpline.