[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SSL Question: Is Everyone Ignorant or Just Non-responsive

Hi John,

	I think I am trying to do the same type of thing that you are
trying to do.  I want my application to be able to access the certificate
of the LDAP server (over ldaps:// or TLS, I dont particularly care which),
and I have been working on other things for the last little while.

	In a post from Kurt Zeilanga, he noted that the openssl s_client
program could read the certificate information from a ldap server running
on ldaps:// .  This works for me - I can see my certificate and presumably
if I looked at what the openssl s_client was doing on this and wrote
something like this in my application then I should be able to get it
working. I haven't done this yet, but I plan to .  It would be nice if ?I
could figure out how to get this working over TLS that would be even
nicer, but right now it doesnt look to possible.

	The ldap library doesn't seem to provide any nice way to access
the LDAP server certificate, which is a pain for me, but I guess that it
isn't a common thing to do.

	I would love to hear any tips you receive or have come up with.


Matt Maynard
4B Computer Science University of Waterloo