[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: windows client TLS connection failed

I see...but if I'm using pem file, I will not be able to install the CA cert in in windows machine right ? So, the windows client will not be able to recognize / trust the CA cert...
Anybody has written ldap client for windows before ? How to make the TLS/SSL work ?

Howard Chu <hyc@symas.com> wrote:
Lara Adianto wrote:

> Hi,
> I'm writing a simple ldap client for windows. I have compiled the
> necessary openldap library (libldap and liblber) with TLS/SSL using
> MSVC++ to be used by the windows client. The server is an openldap
> server installed in linux. Without TLS/SSL, the client can connect
> successfully to the server, but adding TLS (ldap_start_tls_ssl), it
> failed with error code 91:
> ldap_start_tls_s: 91, connect error.
> I installed the ca.der of the server in the windows client, and set it
> with:
> rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTFILE, cacert);
> in my code. The cacert contains the location of the ca.der and the
> certificate is valid.

The OpenLDAP library does not use DER files, only PEM files.

-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
http://www.symas.com http://highlandsun.com/hyc
Symas: Premier OpenSource Development and Support

La vie, voyez-vous, ca n'est jamais si bon ni si mauvais qu'on croit
- Guy de Maupassant -

Do you Yahoo!?
Send holiday email and support a worthy cause. Do good.