[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: 3rd try : Bug ? ldap_start_tls_s successful even after removing ca certificate from ca cert dir

Philip Guenther wrote:
On Thu, 28 Aug 2014, SOMA SEKHAR wrote:
   . From what you are saying , I understood that SSL_CTX had conext from
which the ca cert is verified for the second time. Please correct me if
I am wrong

That's my *guess*, but I may be completely wrong.  I no longer have a need
to "JUST MAKE IT WORK" for my job, so I'm not going to waste my time
reading the openldap source to find a workaround for the stuff that the
openldap developers aren't going to stand behind by documenting.

We aren't going to spend our time documenting what individual TLS libraries do. With various distros using GnuTLS or MozNSS, that's clearly beyond our scope.

  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/