[Date Prev][Date Next] [Chronological] [Thread] [Top]

OpenLDAP and TLS

Hi all,

Is it possible to get the client programs to verify server sertificates
when using starttls? I have played with pam_ldap and nss_ldap for a
couple of hours and they seem to work with "ssl starttls" but they accept
the server certficate without any checks! The same thing is with a '-Z'
flag of ldapsearch and other openldap tools.

Is this something pam_ldap/nss_ldap spesific or is the openldap library
missing the routines?

Jarkko Turkulainen
UNIX Administrator, Wapit Ltd.