Hi, First of all thanks for the reply. By replacing my ldapssl_client_init() call with ldapssl_advclientauth_init() solves my problem on Windows, but it is failing on HPUX platform. Currently when I run my application on HPUX 11i, call to ldapssl_advclientauth_init() crashes my calling process.
Please advise on this. On Jun 21, 7:32 pm, "Markus Moeller" <[EMAIL PROTECTED]> wrote: > To avoid certificate checks can you try ldapssl_advclientauth_init( > ssl_certdbpath, NULL , 0 , NULL, NULL, 0, NULL, 0); > instead of ldapssl_init. ldapssl_init is AFAK the same as > ldapssl_advclientauth_init( ssl_certdbpath, NULL , 0 , NULL, NULL, 0, NULL, > 2); > > If that works we can look at the content of your cert8.db file. > > Markus > > "Kashif Ali Siddiqui" <[EMAIL PROTECTED]> wrote in messagenews:[EMAIL > PROTECTED] > > > Hi, > > > I am facing a very serious problem. I am currently unable to get a > > successful LDAP bind over SSL. The LDAP server is Windows AD server with > > SSL enabled on default 636 port. The libraries I use is > > > * Mozilla c-sdk 6.0.3 > > * NSPR 4.6.4 > > * NSS 3.11.4 > > > Here is the sequence of calls I made ... > > > 1. ldap_set_option ( NULL, LDAP_OPT_SSL, LDAP_OPT_ON ) > > 2. ldapssl_client_init ( <path to directory that holds cert8.db>, NULL) > > 3. ld = ldapssl_init( <server ip address>, <server port>, 1 ) > > 4. ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, (void*)&version) > > 5. ldap_set_option(ld, LDAP_OPT_TIMELIMIT, &timeout ) > > 6. ldap_set_option(ld, LDAP_OPT_SIZELIMIT, (void *)&maxEntitiesLimit ) > > 7. ldap_set_option(ld, LDAP_OPT_RECONNECT, LDAP_OPT_ON ) > > 8. ldap_simple_bind_s(ld, <user dn>, <user passwd>) > > > The return values from calls 1 to 7 are all LDAP_SUCCESS, whereas the > > return value of call#8 returns LDAP_SERVER_DOWN. Although the server is up > > and running with SSL enabled, and why the error is returning. I have also > > check the settings (server-ip, port, user-dn, user-passwd) using a > > third-party ldap tool, Softera LDAP Administrator, and it works fine, > > confirming that there is some issue either in Mozilla LDAP libraries or in > > my code. > > > Please help me resolve this issue. > > > Kashif Ali Siddiqui _______________________________________________ dev-tech-ldap mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-ldap
