Thanks. Anton, Do you have more detailed suggestions, especially for 1:).
For: > 1:) And I am trying to let my ldap client (using c-sdk) to accept some > authentication cases, such as: > =========== > Certificate Has Expired. > Allow Self Signed > Certificate Not Yet Valid > ... > Can the c-sdk allow me to override them? I still do know how. For > 2:) Also can NSS allow me to specify SSLVerifyDepth when > authentication the Cert from ldap server? Probably NSS doesn't do that, so there is no way to achieve it. For 3:) How can I specify the Cipher Suites I want to use for the ssl > connection? I noticed that I can crack the lib API, such as: ldapssl_advclientauth_init to SSL_CipherPrefSetDefault to do that. So it is not a problem anymore. Thanks On Apr 14, 3:59 am, Anton Bobrov <[email protected]> wrote: > yes, you gonna have to address that via NSS SSL API. > > On 14/04/2010 04:16, huican wrote: > > > Hello Anton, > > > Do you have any suggestions here? Is there any easy way to crack on > > the csdk level? or I have to crack it on the NSS lib, and how? > > I am using the ldap csdk 6.0.4.1. > > > Thanks > > > On Apr 12, 4:02 pm, huican<[email protected]> wrote: > >> Hello, > > >> I read through the doc about the c-sdk about the "connection over > >> ssl". It is not very detailed, and now I have some questions. > > >> 1:) And I am trying to let my ldap client (using c-sdk) to accept some > >> authentication cases, such as: > >> =========== > >> Certificate Has Expired. > >> Allow Self Signed > >> Certificate Not Yet Valid > >> ... > >> Can the c-sdk allow me to override them? > > >> 2:) Also can NSS allow me to specify SSLVerifyDepth when > >> authentication the Cert from ldap server? > > >> 3:) How can I specify the Cipher Suites I want to use for the ssl > >> connection? > > >> Thanks > >> Huican Ping > > > _______________________________________________ > > dev-tech-ldap mailing list > > [email protected] > >https://lists.mozilla.org/listinfo/dev-tech-ldap _______________________________________________ dev-tech-ldap mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-ldap
