Re: ldap_start_tls_s() error NOT SUPPORTTED

["Kurt D. Zeilenga" <Kurt@OpenLDAP.org>]

The LDAP_NOT_SUPPORTED result code indicates that the client
library doesn't support generation of a Start TLS request.
As you report that ldapsearch(1) had no exhibit this problem,
I presume you are using a different client library, one
which wasn't built with support for TLS, for your program.

At 09:44 AM 3/23/2005, Reguera Gilarranz, Teresa wrote:
>Hello,
>
>I'm trying to modify a C++ program that currently does an ldap_search() to do this search using a secure connection. Looking at some examples I saw I had to add the ldap_start_tls_s() function after the ldap_init(). I also noticed I had to set protocol version what I did...so I don't know why I'm getting the NOT SUPPORTED error...
>If I tried with the ldapsearch from command line with -ZZ options, it works fine. Can anyone please give me any suggestion???
>
>This is the code:
>
>
>            pLDAP = ldap_init( hostname, 389  );
>        if ( pLDAP == NULL ) {          
>                return (Error)LDAPSSL_INIT_FAILED;
>        } 
>
>        static Uint32 version = LDAP_VERSION3;
>        rc = ldap_set_option (pLDAP, LDAP_OPT_PROTOCOL_VERSION, (void*)&version);
>              //that worked fine
>        rc = ldap_start_tls_s(pLDAP, NULL, NULL);
>              //that failed with NOT_SUPPORTED error
>        if (rc!= LDAP_SUCCESS) {                
>                return LDAP_START_TLS_FAILED;
>        } 
>
>I have installed OpenLDAP 2.2.23 and OpenSSL 0.9.7e
>Thanks a lot!!
>Mayte