[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: opendap sdk and ssl
"HO,ELWIN (HP-Cupertino,ex1)" wrote:
>
> Seems OpenLDAP SDK support TLS only, not SSL.
> Do you think it can talk to the LDAP server that supports SSL only? like
> iPlanet LDAP server.
> I heard that TLS is not backward compactable to SSL.
> Elwin
>
I can't comment on that, we're running the OpenLDAP server and I never
tried the
iPlanet server.
> -----Original Message-----
> From: Karsten Künne [mailto:kuenne@rentec.com]
> Sent: Thursday, May 24, 2001 7:59 AM
> To: John Luce
> Cc: tarjei@nu.no; Kurt D. Zeilenga; openldap-software@OpenLDAP.org
> Subject: Re: opendap sdk and ssl
>
> John Luce wrote:
> >
> > Where is there documentation on "How-To" use the SSL features in the LDAP
> > library to be used by clients ?
> >
> > In other words, I have an app that uses the ldap library to connect and
> > transfer data with the LDAP server. How does one get this app to open an
> > LDAP connection that uses SSL, reads and writes from the SSL connection
> and
> > closes the SSL connection.
> >
> > Any docs anywhere ?
> >
>
> Use:
>
> ldap_start_tls_s(LDAP *ldap, NULL, NULL);
>
> Worked fine for me. But you have to make sure that you're using LDAPV3,
> for
> instance by setting the option:
>
> int version = LDAP_VERSION3;
> ldap_set_option(ldap, LDAP_OPT_PROTOCOL_VERSION, &version);
>
> after the ldap_init call.
>
> > Is the 2.0.7 library broken in this respect ?
> >
> > ----- Original Message -----
> > From: "Kurt D. Zeilenga" <Kurt@openldap.org>
> > To: <tarjei@nu.no>
> > Cc: <openldap-software@openldap.org>
> > Sent: Thursday, May 24, 2001 9:18 AM
> > Subject: Re: opendap sdk and ssl
> >
> > > The 2.0 libraries support both LDAP over SSL and LDAPv3 Start TLS.
> > >
> > > Kurt
> > >
> > > At 05:20 AM 5/24/01, Tarjei Huse wrote:
> > > >Hi,
> > > >
> > > >Many different ldap packages (among them auth_ldap and pam/nss-ldap )
> > states
> > > >that the netscape sdk is needed to compile them with ssl support. Is
> this
> > > >true for openldap 2.0.x or is it just for the 1.2.x series?
> > > >
> > > >If no ssl support in the sdk exists, are there plans to include it?
> > > >
> > > >Also, what is the recomended version of the netscape sdk?
> > > >
> > > >Vennlig hilsen
> > > >Tarjei Huse
> > >
> > >
>
> --
> Karsten.
>
> +-Bruce Schneier about RAND-tables:----------------------------+
> |It lists them in 5 digit groups - 50 on a line and 50 lines on|
> |a page ("100097 32533 76520 13568..."). The table goes on for|
> |400 pages and exept for a particular racy section on page 283|
> |which reads "69696" makes for a boring read. |
> +--------------------------------------------------------------+
--
Karsten.
+-Bruce Schneier about RAND-tables:----------------------------+
|It lists them in 5 digit groups - 50 on a line and 50 lines on|
|a page ("100097 32533 76520 13568..."). The table goes on for|
|400 pages and exept for a particular racy section on page 283|
|which reads "69696" makes for a boring read. |
+--------------------------------------------------------------+begin:vcard
n:Künne;Karsten
tel;cell:+1 516 857 0406
tel;fax:+1 631 444 7073
tel;work:+1 631 444 7048
x-mozilla-html:TRUE
url:http://www.desy.de/~kuenne
org:Renaissance Technologies Corp.
adr;quoted-printable:;;Notkestr. 85=0D=0A22607 Hamburg;Hamburg;;22607;Germany
adr:;;;;;;
version:2.1
email;internet:kuenne@rentec.com
title:Dr.-Ing.
x-mozilla-cpt:;19264
fn:Karsten Künne
end:vcard