
RE: SSL/TLS



Hello,

Is this correct?

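#include <stdio.h>
#include <ldap.h>

int main (int argc, char *argv[])
{
   LDAP     *ld = NULL;
   int      version = LDAP_VERSION3;

   printf ("INIT...");
   /* Connect to the plain LDAP port; TLS is requested afterwards via StartTLS */
   ld = ldap_init("192.168.0.49", 389);
   if( ld == NULL )
   {
      printf ("Init Error...\n");
      return(1);
   }

   /* StartTLS is an LDAPv3 extended operation, so select protocol version 3 */
   if( ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version ) != LDAP_OPT_SUCCESS )
   {
      fprintf( stderr, "Could not set LDAP_OPT_PROTOCOL_VERSION %d\n", version );
      return 1;
   }

   /* Send the StartTLS request and negotiate TLS on this connection */
   if ( ldap_start_tls_s( ld, NULL, NULL ) != LDAP_SUCCESS )
   {
      ldap_perror( ld, "ldap_start_tls" );
   }

   return 0;
}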

Why do I get ldap_start_tls: Success?
(return value of ldap_start_tls_s() != LDAP_SUCCESS)

What do I have to do for client-based authentication?
How do I have to specify the client's secret/public key?
Where do I specify the CA cert?

Thanks,
Geert


-----Original Message-----
From: owner-openldap-software@OpenLDAP.org
[mailto:owner-openldap-software@OpenLDAP.org] On Behalf Of Norbert Klasen
Sent: Friday, 24 August 2001 10:44
To: Geert.Van.Muylem@skynet.be
Cc: LDAP Mailing List
Subject: Re: SSL/TLS




--On Friday, 24 August 2001 00:15 +0200 Geert Van Muylem
<Geert.Van.Muylem@skynet.be> wrote:

> ldapsearch -Z -b "c=be" -h "192.168.0.49" -p 636 "objectclass=*"

You're trying to initiate an LDAP connection (with subsequent START_TLS) to
an LDAPS port. This will not work. To access LDAPS use
ldapsearch -H ldaps://192.168.0.49 -b c=be

--
Norbert Klasen
DAASI International GmbH                 phone: +49 7071 2970336
Wilhelmstr. 106                          fax:   +49 7071 295114
72074 Tübingen                           email: norbert.klasen@daasi.de
Germany                                  web:   http://www.daasi.de
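
Added example, not part of the original thread or of OpenLDAP's code: the reply above says that StartTLS sent to the LDAPS port will not work, and this C program shows why at the byte level. A StartTLS client opens with a cleartext BER-encoded ExtendedRequest, while an LDAPS listener expects a TLS handshake record from the first byte. The helper names are hypothetical and the TLS record header is constructed sample data; ports 389 and 636 are the ones used in the thread.

```c
#include <stdio.h>
#include <string.h>

#define STARTTLS_OID "1.3.6.1.4.1.1466.20037"   /* RFC 4511, section 4.14.1 */

enum wire_kind { WIRE_UNKNOWN, WIRE_LDAP_PLAINTEXT, WIRE_TLS_HANDSHAKE };

/* BER-encode the LDAPMessage a StartTLS client sends first.
 * Returns bytes written, or 0 if the arguments do not fit short-form lengths. */
size_t build_starttls_request(unsigned char *buf, size_t cap, unsigned char msgid)
{
    size_t oid_len = strlen(STARTTLS_OID);
    size_t ext_len = 2 + oid_len;        /* [0] tag, length, OID text */
    size_t body_len = 3 + 2 + ext_len;   /* messageID + ExtendedRequest */
    size_t i = 0;
    if (msgid > 127 || body_len > 127 || cap < 2 + body_len) return 0;
    buf[i++] = 0x30; buf[i++] = (unsigned char)body_len;  /* SEQUENCE */
    buf[i++] = 0x02; buf[i++] = 0x01; buf[i++] = msgid;   /* INTEGER messageID */
    buf[i++] = 0x77; buf[i++] = (unsigned char)ext_len;   /* [APPLICATION 23] */
    buf[i++] = 0x80; buf[i++] = (unsigned char)oid_len;   /* [0] requestName */
    memcpy(buf + i, STARTTLS_OID, oid_len);
    return i + oid_len;
}

/* Classify the first bytes a listener receives from a client:
 * 0x16 0x03 starts a TLS handshake record, 0x30 starts a cleartext LDAPMessage. */
enum wire_kind classify_first_bytes(const unsigned char *p, size_t n)
{
    if (n >= 3 && p[0] == 0x16 && p[1] == 0x03) return WIRE_TLS_HANDSHAKE;
    if (n >= 2 && p[0] == 0x30) return WIRE_LDAP_PLAINTEXT;
    return WIRE_UNKNOWN;
}

/* 1 if the client's first bytes are what the listener expects, else 0. */
int first_bytes_match(int listener_is_ldaps, const unsigned char *p, size_t n)
{
    enum wire_kind k = classify_first_bytes(p, n);
    return listener_is_ldaps ? k == WIRE_TLS_HANDSHAKE : k == WIRE_LDAP_PLAINTEXT;
}

int main(void)
{
    unsigned char req[64];
    const unsigned char hello[] = { 0x16, 0x03, 0x01, 0x00, 0x2f }; /* constructed */
    size_t n = build_starttls_request(req, sizeof req, 1);
    printf("StartTLS request -> 389 (ldap):  %d\n", first_bytes_match(0, req, n));
    printf("StartTLS request -> 636 (ldaps): %d\n", first_bytes_match(1, req, n));
    printf("TLS handshake    -> 636 (ldaps): %d\n", first_bytes_match(1, hello, sizeof hello));
    return 0;
}
```

The same classification can be applied to the first bytes of a packet capture to tell whether a client is misconfigured with StartTLS against an LDAPS listener.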