[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Client Authentication

At 04:12 PM 5/17/2005, Sangita Mohan wrote:
>- I can't find any OpenLDAP API to get server certificate information. Does that mean I have to use OpenSSL API to get server certificate information?


>- How do I determine from OpenLDAP that my bind has failed because the signature of the server certificate does not match the signature of one of our CA certificates?  Is there any  return error code that would determine that?

As there is no server certificate check involved in an LDAP
bind operation, there is no API error code to indicate the
outcome of such a check.  The server certificate check is
normally done as part of the StartTLS operation.