From: Ewa S. <Ewa...@un...> - 2002-05-09 14:10:48
Hello,

Can anyone tell me how to set up a perl-LDAP script to use a TLS/SSL connection? For a few days I have been trying to start a TLS connection in my perl-ldap scripts, but without success. I use the start_tls function like this:

    $ldap->start_tls(verify => "none", sslversion => "sslv3");

First, I don't want to verify client certificates. I use openldap 2.0.23 and start slapd on the default 389 port (non-secure). In the slapd.conf file I set:

    TLSCertificateKeyFile /usr/local/openldap2/etc/openldap/server.key
    TLSCertificateFile /usr/local/openldap2/etc/openldap/server.crt

When I use openldap's ldapsearch with the -Z option I have a correct TLS/SSL connection and get a correct search result, but when I run my perl-ldap script I get the following error:

    ldap_start_tls: Error 1: Operations error.

In slapd's log I have these lines:

    TLS trace: SSL_accept:before/accept initialization
    TLS trace: SSL_accept:SSLv3 read client hello A
    TLS trace: SSL_accept:SSLv3 write server hello A
    TLS trace: SSL_accept:SSLv3 write certificate A
    TLS trace: SSL_accept:SSLv3 write server done A
    TLS trace: SSL_accept:SSLv3 flush data
    tls_read: want=5 error=Resource temporarily unavailable
    TLS trace: SSL_accept:error in SSLv3 read client certificate A
    TLS trace: SSL_accept:error in SSLv3 read client certificate A
    TLS trace: SSL3 alert read:fatal:bad certificate
    TLS trace: SSL_accept:failed in SSLv3 read client certificate A
    TLS: can't accept.
    TLS: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate s3_pkt.c:985
    connection_read(9): TLS accept error error=-1 id=28, closing

I tried to use LDAPS instead of LDAP/start_tls, but also without success. Does anyone have any suggestions?

Ewa

--
Ewa Skrenty
Information & Communication Technology Centre
Nicholas Copernicus University
Chopina 12/18, 87-100 Torun, Poland
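
Added example, not part of the original post: a small triage of the slapd TLS trace quoted above, showing how far the handshake got and which side raised the fatal alert. The function names (triage, decode_error) are hypothetical; the reading of "alert read" as "received by slapd" follows OpenSSL's info-callback convention, and the error-code layout is the pre-3.0 OpenSSL packing.

```python
import re

# Subset of the slapd log lines quoted in the post above.
SLAPD_LOG = """\
TLS trace: SSL_accept:SSLv3 read client hello A
TLS trace: SSL_accept:SSLv3 write server hello A
TLS trace: SSL_accept:SSLv3 write certificate A
TLS trace: SSL_accept:SSLv3 write server done A
TLS trace: SSL_accept:SSLv3 flush data
TLS trace: SSL_accept:error in SSLv3 read client certificate A
TLS trace: SSL3 alert read:fatal:bad certificate
TLS trace: SSL_accept:failed in SSLv3 read client certificate A
TLS: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate s3_pkt.c:985
"""

# Completed handshake states only; "error in"/"failed in" lines are skipped.
STATE = re.compile(r"TLS trace: SSL_accept:(?!error|failed)(.+)")
ALERT = re.compile(r"TLS trace: SSL3 alert (read|write):(\w+):(.+)")
ERRQ = re.compile(r"TLS: error:([0-9A-Fa-f]{8}):")

def decode_error(code_hex):
    """Split a pre-3.0 OpenSSL packed error code into (lib, func, reason)."""
    e = int(code_hex, 16)
    return (e >> 24) & 0xFF, (e >> 12) & 0xFFF, e & 0xFFF

def triage(log):
    """Summarise a failed server-side handshake from slapd TLS trace lines."""
    out = {"last_state": None, "alert": None, "peer_alert_number": None}
    for line in log.splitlines():
        line = line.strip()
        if m := STATE.match(line):
            out["last_state"] = m.group(1)
        elif m := ALERT.match(line):
            direction, level, desc = m.groups()
            # "read" = slapd received the alert; "write" = slapd sent it.
            sender = "client" if direction == "read" else "server"
            out["alert"] = (sender, level, desc)
        elif m := ERRQ.match(line):
            _, _, reason = decode_error(m.group(1))
            # SSL-library reasons above 1000 are 1000 + the peer's alert number.
            if reason > 1000:
                out["peer_alert_number"] = reason - 1000
    return out

if __name__ == "__main__":
    print(triage(SLAPD_LOG))
```

On this log the result points at the client side: slapd had already sent its certificate and finished its flight, and the fatal alert 42 (bad_certificate) was received from the client rather than sent by the server.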