
Re: (ITS#7398) Retrieve LDAP server cert



 michael@stroeder.com wrote:
>Kurt Zeilenga wrote:
>> Why not just get it from TLS?

 That does require an #ifdef <which TLS implementation> mess in
 the client.  libldap already has that.

> What exactly do you mean?

 In OpenSSL, SSL_get_peer_certificate().

 I note that it might also or instead make sense to ask for the
 cert chain - OpenSSL SSL_get_peer_cert_chain().  Which quickly
 dives into how many other TLS session attributes it would make
 sense to kindly provide an LDAP API interface to...

 Hallvard