Hi all,
I have a few questions on the proper usage of the
LDAP_OPT_X_TLS_REQUIRE_CERT option.
When LDAP_OPT_X_TLS_REQUIRE_CERT is set to LDAP_OPT_X_TLS_ALLOW on the LDAP
handle after ldap_initialize, it was not working. It failed with a
certificate verify error. But according to the ldap.conf man page, setting
the LDAP_OPT_X_TLS_ALLOW option should not verify the server certificate.
After googling around, I found that LDAP_OPT_X_TLS_ALLOW should be set on
the global handle. That got rid of the certificate verify error.
But I faced a new problem: changing LDAP_OPT_X_TLS_ALLOW to
LDAP_OPT_X_TLS_TRY in the same process doesn't verify the certificate. When
I kill the process and restart it, it verifies the certificate properly.
Somehow I managed to solve the problem by clearing the context
using LDAP_OPT_X_TLS_NEWCTX:

    int tls = LDAP_OPT_X_TLS_ALLOW;
    ldap_set_option(NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, &tls);
    int j = 0;  /* 0 = client context */
    ldap_set_option(NULL, LDAP_OPT_X_TLS_NEWCTX, &j);

But when I try to set LDAP_OPT_X_TLS_REQUIRE_CERT after clearing the
context, it is not working.
Can someone explain the correct usage of the LDAP_OPT_X_TLS_REQUIRE_CERT
option?
Regards,
Thiyagu