
Re: Ldap_set_option problem

Philip Bellino wrote:
I am running OpenLDAP-2.3.32 on both a Linux server (using SLAPD) and a Linux client.

On the client, I am doing the following:

ldap_initialize(&ldap, ldapuri); - works fine.
ldap_set_option(ldap, LDAP_OPT_PROTOCOL_VERSION, &ldapver); - ldapver = 3 - works fine.

Err = ldap_set_option(ldap, LDAP_OPT_X_TLS_CACERTFILE, "/usr/local/etc/openldap/cacert.pem");

Err comes back as a -1. If I replace ldap with NULL, I do not get the error.

Has anyone seen this error?

In OpenLDAP 2.3 and older, the CACERTFILE is a global setting. You cannot set it just for a particular LDAP session. Using NULL is the normal method for setting a global option, which is why that works without any error.

In OpenLDAP 2.4 you can set these items on a per-session basis.
  -- Howard Chu
  Chief Architect, Symas Corp.  http://www.symas.com
  Director, Highland Sun        http://highlandsun.com/hyc
  Chief Architect, OpenLDAP     http://www.openldap.org/project/