OK, I discovered that I have to use NULL for those LDAP* on those two options and then it works as expected.
So, couple questions: 1. Are all of the TLS and SASL global options? (i.e., need ld=NULL) 2. Does it say somewhere which options are global or not? (the man page does not) Thanks, Frank On Tue, Apr 5, 2016 at 5:41 PM, Frank Crow <[email protected]> wrote: > Hi, > > I've got some code that uses ldap_start_tls_s() and the server requires > client-side certificates. If I set them in the environment, e.g., > > # export LDAPTLS_CERT="/etc/openldap/some.crt" >> # export LDAPTLS_KEY="/etc/openldap/some.key" > > > Then everything works fine. However, if I use: > > const char* tls_cert="/etc/openldap/some.crt"; >> const char* tls_key="/etc/openldap/some.key"; >> ldap_set_option( ld, LDAP_OPT_X_TLS_CERTFILE, tls_cert ); >> ldap_set_option( ld, LDAP_OPT_X_TLS_KEYFILE, tls_key ); > > > Then it doesn't work. What am I doing wrong? Should it be "&tls_cert" > and "&tls_key"? > > I did do an ldap_get_option() using both methods to verify and I get the > value that I'm expecting either way. > > > Thanks, > -- > Frank > -- Frank
