On Tue, Nov 12, 2013 at 2:34 AM, Jan Synacek <[email protected]> wrote: > TLS_REQCERT <level> > ... > try The server certificate is requested. If no certificate is > provided, the session proceeds normally. If a bad certificate is provided, the > session is immediately terminated. > Is the manpage wrong or is there any other way I can test the client with no > server certificate provided?
While troubleshooting an LDAP issue, I stumbled across an IRC log or mailing list comment (can't remember exactly) which basically said that try == hard and the manpage was inaccurate to say anything else (paraphrased). I have not perused the openldap server or client code to verify the accuracy of that statement, but the comment (and your results) matches my experience when troubleshooting. ...Todd -- The total budget at all receivers for solving senders' problems is $0. If you want them to accept your mail and manage it the way you want, send it the way the spec says to. --John Levine
