My mistake, I forgot to configure TLS_CACERT in ldap.conf. I thought I checked that yesterday evening.
Olivier

On Tue, Sep 3, 2013 at 10:49 AM, Olivier Nicole <[email protected]> wrote:
> Hi,
>
> I have a small program that I wrote some time back. It authenticates
> against an LDAP server.
>
> Linked with the library provided with OpenLDAP 2.3.40 it works fine, but
> when I tried to upgrade to 2.4.35, it would not bind anymore.
>
> The LDAP server (on a different machine) has not changed, the version of
> my program with the old library is still working fine.
>
> I am getting the error: Can't contact LDAP server
>
> I am using a self-signed CA.
>
> The program is below.
>
> Thank you in advance,
>
> Olivier
>
> i=ldap_initialize(&ldap, "ldaps://ldap.x.y.z/");
> if (i != LDAP_SUCCESS) {
>     ERROR;
> }
> i=ldap_set_option(ldap, LDAP_OPT_REFERRALS, LDAP_OPT_OFF);
> if (i!=LDAP_OPT_SUCCESS) {
>     ERROR;
> }
> i=ldap_set_option(ldap, LDAP_OPT_RESTART, LDAP_OPT_ON);
> if (i!=LDAP_OPT_SUCCESS) {
>     ERROR;
> }
> res=LDAP_VERSION3;
> i=ldap_set_option(ldap, LDAP_OPT_PROTOCOL_VERSION, &res);
> if (i!=LDAP_OPT_SUCCESS) {
>     ERROR;
> }
>
> /* DN contains the dn and passwd contains the password, they are
>    correct */
>
> i=ldap_bind_s(ldap, DN, passwd, LDAP_AUTH_SIMPLE);
> if (i != LDAP_SUCCESS) {
>     if (i==49) {
>         /* bad user or password */
>     }
>     else if (i==53) {
>         /* empty password */
>     }
>     else {
>         /* print ldap_err2string(i) */
>         /* this is where I get the error */
>     }
> }
>
> --
>
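Added example, not part of the original message: a small C check for the misconfiguration resolved above. It scans ldap.conf-style text for TLS_CACERT, TLS_CACERTDIR and TLS_REQCERT and reports whether an ldaps:// client can verify a private CA. The struct, function names and sample text are constructed for illustration, and it inspects only the text it is given, not ~/.ldaprc or the LDAPTLS_* environment variables.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* TLS trust settings found in ldap.conf text (hypothetical helper struct). */
struct tls_conf {
    char cacert[256];    /* TLS_CACERT value, "" if absent */
    char cacertdir[256]; /* TLS_CACERTDIR value, "" if absent */
    char reqcert[16];    /* TLS_REQCERT value; ldap.conf(5) default is demand */
};

/* ldap.conf syntax: one "KEYWORD value" per line, keywords case-insensitive,
 * blank lines and lines starting with '#' ignored. */
void scan_ldap_conf(const char *text, struct tls_conf *out)
{
    memset(out, 0, sizeof *out);
    strcpy(out->reqcert, "demand");
    while (*text) {
        char line[512], key[32], val[256];
        size_t n = strcspn(text, "\n");
        size_t c = n < sizeof line - 1 ? n : sizeof line - 1;
        memcpy(line, text, c);
        line[c] = '\0';
        text += n + (text[n] == '\n');
        if (sscanf(line, " %31s %255s", key, val) != 2 || key[0] == '#')
            continue;
        if (!strcasecmp(key, "TLS_CACERT"))
            snprintf(out->cacert, sizeof out->cacert, "%s", val);
        else if (!strcasecmp(key, "TLS_CACERTDIR"))
            snprintf(out->cacertdir, sizeof out->cacertdir, "%s", val);
        else if (!strcasecmp(key, "TLS_REQCERT"))
            snprintf(out->reqcert, sizeof out->reqcert, "%.15s", val);
    }
}

/* 0: server certificate is checked against a configured CA.
 * 1: no CA configured, so a private or self-signed CA cannot be verified.
 * 2: TLS_REQCERT never/allow, the bind works but the server is not authenticated. */
int tls_trust_status(const struct tls_conf *c)
{
    if (!strcasecmp(c->reqcert, "never") || !strcasecmp(c->reqcert, "allow"))
        return 2;
    return (c->cacert[0] || c->cacertdir[0]) ? 0 : 1;
}

int main(void)
{
    struct tls_conf c;
    scan_ldap_conf("# constructed sample\nURI ldaps://ldap.x.y.z/\n", &c);
    printf("status=%d\n", tls_trust_status(&c));
    return 0;
}
```

Status 2 flags the common workaround of setting TLS_REQCERT to never or allow, which makes the bind succeed without authenticating the server; pointing TLS_CACERT at the CA certificate keeps verification on.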
