[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Using TLS connecting to a AD server. openldap2.4.42

To: Quanah Gibson-Mount <quanah@symas.com>, openldap-technical@openldap.org
Subject: Re: Using TLS connecting to a AD server. openldap2.4.42
From: Michael Ströder <michael@stroeder.com>
Date: Sun, 10 Sep 2017 13:25:12 +0200
In-reply-to: <044DF1D6600527D8571B6CB5@[192.168.1.30]>
References: <562266727.5579513.1504892914660.ref@mail.yahoo.com> <562266727.5579513.1504892914660@mail.yahoo.com> <WM!397d278a8743224aa5f4a5c0b3fe682259437befb38ee1bb0566ec0c36f8d9cb83b041ec332aa5344ef1102a84e08108!@mailstronghold-1.zmailcloud.com> <044DF1D6600527D8571B6CB5@[192.168.1.30]>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:51.0) Gecko/20100101 SeaMonkey/2.48

Quanah Gibson-Mount wrote:

--On Friday, September 08, 2017 6:48 PM +0000 Don jessup
<djessup72@yahoo.com> wrote:

int reqcert = LDAP_OPT_X_TLS_NEVER;
ldap_set_option (ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &reqcert);

Is there way to make this work programmatically without using
the ldap.conf?


Yes.  The problem is the TLS options generally have to be set
globally.

???

I thought you have to set LDAP_OPT_X_TLS_NEWCTX to 0 *after*setting all TLS-related options to let libldap reinitialize theclient's SSL context. Doesn't that work as expected?


Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

References:
- Using TLS connecting to a AD server. openldap2.4.42
  - From: Don jessup <djessup72@yahoo.com>
- Re: Using TLS connecting to a AD server. openldap2.4.42
  - From: Quanah Gibson-Mount <quanah@symas.com>

Prev by Date: Invalid credentials problem
Next by Date: Re: Invalid credentials problem
Index(es):
- Chronological
- Thread