
RE: SSL Connection problems



Hello,

Yes, it is! I use self-signed certificates which I completely generated
myself, so I'm aware of this issue, and yes I always use just "grumbler"
instead of the FQDN.

I also do remote connections over SSL from PerLDAP using Netscape's
directory SDK 4.x ... This is actually the first time I've tried connecting
over SSL using OpenLDAP/OpenSSL (from a separate box; ldapsearch works fine
on the same box that the server runs on, but not from this other box).

See my previous e-mails on this thread for more details as to what I've
tried so far ...

I remain baffled ... FYI this actually started when I was testing the use of
ldap_start_tls_s from my SWIG generated python interface to the OpenLDAP
library ... I was getting the behaviour I've mentioned.  Thinking maybe it
was my code, I tried ldapsearch and lo and behold, exact same thing!

This is a rather big problem for me, as connecting over a non-encrypted link
isn't acceptable ... I suppose if worse comes to absolutely worse I can try
wrapping the Netscape SDK with SWIG ... But I'd MUCH rather use OpenLDAP!

Thanks,

Jean-Francois Doyon
Carbon IT
http://methane.org
Tel.: (819) 827-9997
Fax : (819) 827-6653

-----Original Message-----
From: Kurt D. Zeilenga [mailto:Kurt@OpenLDAP.org]
Sent: October 30, 2001 7:38 PM
To: Doyon, Jean-Francois
Cc: 'D.M.Lewney@sussex.ac.uk'; 'openldap-software@OpenLDAP.org'
Subject: RE: SSL Connection problems

At 06:37 AM 2001-10-29, Doyon, Jean-Francois wrote:
><certificate and other things appeared here>
>-----END CERTIFICATE-----
>subject=/C=CA/ST=ON/L=Ottawa/O=CCRS/OU=GAD/CN=grumbler/Email=jdoyon@nrcan.gc.ca
>issuer=/C=CA/ST=ON/L=Ottawa/O=CCRS/OU=GAD/CN=grumbler/Email=jdoyon@nrcan.gc.ca

Is "grumbler" the EXACT host name you are specifying on the
command line?  If not, then that's your problem.

Kurt
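
The check Kurt's reply describes, as an added example that is not part of the original thread and not OpenLDAP's own code: it pulls the CN out of the one-line subject quoted above and compares it with the host the client was told to connect to. The function names, the case-insensitive comparison, and the hosts `grumbler.example.org` and `192.0.2.10` are assumptions made for illustration; subjectAltName and wildcard names are not handled.

```python
from urllib.parse import urlparse


def parse_oneline_dn(line):
    """Parse an OpenSSL legacy one-line DN into a list of (key, value) pairs."""
    dn = line.strip()
    if not dn.startswith("/"):
        # Drop the leading 'subject=' or 'issuer=' label.
        dn = dn.partition("=")[2]
    pairs = []
    for part in dn.split("/"):
        if "=" in part:
            key, _, value = part.partition("=")
            pairs.append((key.strip(), value.strip()))
    return pairs


def common_name(line):
    """Return the last CN in the DN, or None when the DN carries no CN."""
    names = [v for k, v in parse_oneline_dn(line) if k.upper() == "CN"]
    return names[-1] if names else None


def target_host(target):
    """Accept a bare host name or an ldap:// / ldaps:// URI and return the host."""
    if "://" in target:
        return urlparse(target).hostname
    return target.strip() or None


def host_matches_cn(target, subject_line):
    """True only when the host given to the client equals the certificate CN."""
    host = target_host(target)
    cn = common_name(subject_line)
    if host is None or cn is None:
        return False
    # Assumption: compare case-insensitively, as DNS names are.
    return host.lower() == cn.lower()


# Subject line as quoted in the thread, with the mail wrapping rejoined.
SUBJECT = ("subject=/C=CA/ST=ON/L=Ottawa/O=CCRS/OU=GAD/CN=grumbler"
           "/Email=jdoyon@nrcan.gc.ca")

if __name__ == "__main__":
    # The last three targets are constructed for illustration.
    for target in ("grumbler", "ldaps://grumbler:636/",
                   "grumbler.example.org", "192.0.2.10"):
        print(target, "->", host_matches_cn(target, SUBJECT))
```

A fully qualified name or an IP address fails the comparison even when it reaches the same server, because the certificate only names the short host `grumbler`.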