Bandani,
Is the host name you're connecting with in the Certificate?
Also, you can try an ldapsearch with -ZZ to get some more
connection information.
Thanks,
Bradley Gill
From: BANDANI MAHARANA <[email protected]>
Sent: Saturday, August 13, 2022 6:11 AM
To: Bradley T Gill <[email protected]>
Cc: [email protected]
Subject: Re: [EXTERNAL] Unable to connect to 636 secure port using LDAP library
This is an EXTERNAL email. STOP. THINK before you CLICK links or OPEN
attachments. If suspicious please click the 'Report to Incidents' button in
Outlook or forward to [email protected]<mailto:[email protected]> from a mobile
device.
Hi Bradley,
Thanks for the input. Yes, on the Windows platform it is added to the trusted root
certificate chain list. I have verified from mmc. But still I'm not able to
connect to the server.
I have implemented the same code on the Android and iOS platforms and am getting
the same error as mentioned in the above email.
Kindly suggest any changes required to make it work.
Thanks & Regards,
Bandani Maharana
On Fri, Aug 12, 2022 at 5:46 PM Bradley T Gill <[email protected]> wrote:
Have you configured your certificate TrustStore to trust the Chain that signed
the Certificate on LDAPS?
The trust should be defined in the ldap.conf using TLS_CACERT.
Bradley Gill
From: BANDANI MAHARANA <[email protected]>
Sent: Thursday, August 11, 2022 2:50 PM
To: [email protected]
Subject: [EXTERNAL] Unable to connect to 636 secure port using LDAP library
Hi Team,
I am trying to connect to an Active Directory server using port 636 for a secure
connection. I am using the OpenLDAP library to establish the connection.
The implementation is completed for an insecure connection using port 389. Below is
the code snippet I am using to establish the connection with the LDAP server on
port 636.
    #define LDAP_DEPRECATED 1   // needed for ldap_simple_bind_s
    #include <ldap.h>
    #include <iostream>
    using namespace std;

    int main() {
        LDAP *ldap_handler = NULL;
        // server url; ldap_initialize takes the address of the handle
        int return_value = ldap_initialize(&ldap_handler, "ldaps://TestServer.mylab.com:636");
        if (return_value == LDAP_SUCCESS) {
            cout << "LDAP initialized successfully"; // this is successful for me
        } else {
            cout << "LDAP initialization failed";
        }
        // the option value is passed by pointer
        int version = LDAP_VERSION3;
        return_value = ldap_set_option(ldap_handler, LDAP_OPT_PROTOCOL_VERSION, &version);
        if (return_value == LDAP_SUCCESS) {
            cout << "success"; // this is successful for me
        } else {
            cout << "failed";
        }
        // certificate path
        const char *CACERT_FILE_PATH = "certificate/mylab-TESTSERVER-CA.cer";
        int return_value1 = ldap_set_option(ldap_handler, LDAP_OPT_X_TLS_CACERTFILE, CACERT_FILE_PATH);
        if (return_value1 == LDAP_SUCCESS) {
        } else {
            // it's failing here with error -1, and error string "Can't contact to LDAP server"
        }
        // the backslash in the user name must be escaped in a C++ string literal
        return_value = ldap_simple_bind_s(ldap_handler, "mylab\\administrator", "pwd@1234");
        if (return_value == LDAP_SUCCESS) {
            // success
        } else {
            // it's failing here with error -1, and error string "Can't contact to LDAP server"
        }
        return 0;
    }
I have verified the same thing is working when connecting to 389 port.
Could you please suggest how to make this work for secure ldap connection over
ssl? Please provide some examples or references. It will be helpful for me.
Thanks & Regards,
Bandani
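
The first question in the thread, whether the host name in the ldaps:// URL appears in the server certificate, comes down to a name comparison made during the TLS handshake. The following is an added example, not code from the thread or from OpenLDAP: a simplified version of that comparison (exact match, or one wildcard as the whole left-most label). The certificate names in it are constructed, and `host_in_cert` is a hypothetical helper name.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Case-insensitive string equality (DNS names are not case-sensitive). */
static int eq_nocase(const char *a, const char *b)
{
    for (; *a && *b; a++, b++)
        if (tolower((unsigned char)*a) != tolower((unsigned char)*b))
            return 0;
    return *a == *b;                      /* both strings ended together */
}

/* Return 1 if host matches one DNS name from the certificate, else 0.
 * Simplified rules: "*" is accepted only as the entire left-most label
 * and covers exactly one label. IP addresses are not handled here; they
 * must match an iPAddress entry, never a DNS name. */
static int name_matches(const char *pattern, const char *host)
{
    if (strncmp(pattern, "*.", 2) != 0)
        return eq_nocase(pattern, host);
    const char *suffix = pattern + 1;     /* e.g. ".corp.mylab.com" */
    const char *dot = strchr(host, '.');  /* end of host's first label */
    if (dot == NULL || dot == host)
        return 0;                         /* no label for "*" to cover */
    if (strchr(suffix + 1, '.') == NULL)
        return 0;                         /* refuse "*.com"-style names */
    return eq_nocase(dot, suffix);
}

/* Return 1 if host matches any of the n names taken from the certificate. */
int host_in_cert(const char *host, const char *const *names, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (name_matches(names[i], host))
            return 1;
    return 0;
}

/* Constructed sample: DNS names as they might appear in a server certificate. */
static const char *const SAMPLE_NAMES[] = { "testserver.mylab.com", "*.corp.mylab.com" };
#define SAMPLE_COUNT (sizeof SAMPLE_NAMES / sizeof SAMPLE_NAMES[0])

int main(void)
{
    const char *hosts[] = { "TestServer.mylab.com", "testserver", "192.0.2.10",
                            "dc1.corp.mylab.com", "a.b.corp.mylab.com" };
    for (size_t i = 0; i < sizeof hosts / sizeof hosts[0]; i++)
        printf("%-22s %s\n", hosts[i],
               host_in_cert(hosts[i], SAMPLE_NAMES, SAMPLE_COUNT) ? "match" : "MISMATCH");
    return 0;
}
```

A short name or an IP address in the URL produces a mismatch even when the CA is trusted, which is why the URL should use a name that is listed in the certificate.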