Pierangelo Masarati writes: > ldap_set_option LDAP_OPT_X_TLS = LDAP_OPT_X_TLS_HARD,
This treats ldap_init/open() and ldap:// connections as ldaps:// connections. Maybe you mean LDAP_OPT_X_TLS_REQUIRE_CERT, whose HARD choice means to require that the client cert is validated. See my message "ldap_<set/get>_option() weirdness" of Jul 13. I could commit the ldap_set_option() manpage I wrote, but I don't really want to document misfeatures or bugs. -- Hallvard
