[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: opendap sdk and ssl

To: 'Karsten Künne' <kuenne@rentec.com>, John Luce <john.luce@alcatel.com>
Subject: RE: opendap sdk and ssl
From: "HO,ELWIN (HP-Cupertino,ex1)" <elwin_ho@hp.com>
Date: Thu, 24 May 2001 12:34:08 -0400
Cc: tarjei@nu.no, "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>, openldap-software@OpenLDAP.org

Seems OpenLDAP SDK support TLS only, not SSL. 
Do you think it can talk to the LDAP server that supports SSL only? like
iPlanet LDAP server.
I heard that TLS is not backward compactable to SSL.
Elwin


-----Original Message-----
From: Karsten Künne [mailto:kuenne@rentec.com]
Sent: Thursday, May 24, 2001 7:59 AM
To: John Luce
Cc: tarjei@nu.no; Kurt D. Zeilenga; openldap-software@OpenLDAP.org
Subject: Re: opendap sdk and ssl


John Luce wrote:
> 
> Where is there documentation on "How-To" use the SSL features in the LDAP
> library to be used by clients ?
> 
> In other words, I have an app that uses the ldap library to connect and
> transfer data with the LDAP server. How does one get this app to open an
> LDAP connection that uses SSL, reads and writes from the SSL connection
and
> closes the SSL connection.
> 
> Any docs anywhere ?
> 

Use:

    ldap_start_tls_s(LDAP *ldap, NULL, NULL);

Worked fine for me. But you have to make sure that you're using LDAPV3,
for
instance by setting the option:

     int version = LDAP_VERSION3;
     ldap_set_option(ldap, LDAP_OPT_PROTOCOL_VERSION, &version);

after the ldap_init call.

> Is the 2.0.7 library broken in this respect ?
> 
> ----- Original Message -----
> From: "Kurt D. Zeilenga" <Kurt@openldap.org>
> To: <tarjei@nu.no>
> Cc: <openldap-software@openldap.org>
> Sent: Thursday, May 24, 2001 9:18 AM
> Subject: Re: opendap sdk and ssl
> 
> > The 2.0 libraries support both LDAP over SSL and LDAPv3 Start TLS.
> >
> > Kurt
> >
> > At 05:20 AM 5/24/01, Tarjei Huse wrote:
> > >Hi,
> > >
> > >Many different ldap packages (among them auth_ldap and pam/nss-ldap )
> states
> > >that the netscape sdk is needed to compile them with ssl support. Is
this
> > >true for openldap 2.0.x or is it just for the 1.2.x series?
> > >
> > >If no ssl support in the sdk exists, are there plans to include it?
> > >
> > >Also, what is the recomended version of the netscape sdk?
> > >
> > >Vennlig hilsen
> > >Tarjei Huse
> >
> >

--
Karsten.

+-Bruce Schneier about RAND-tables:----------------------------+
|It lists them in 5 digit groups - 50 on a line and 50 lines on|
|a page ("100097 32533 76520 13568...").  The table goes on for|
|400 pages and exept for  a particular racy section on page 283|
|which reads "69696" makes for a boring read.                  |
+--------------------------------------------------------------+

Follow-Ups:
- Re: opendap sdk and ssl
  - From: Karsten Künne <kuenne@rentec.com>

Prev by Date: Re: opendap sdk and ssl
Next by Date: Interesting TLS problem.
Index(es):
- Chronological
- Thread