Hi Eric,
On Tuesday, 20. December 2005 14:40, Eric Nichols wrote:
> I think I am taking LDAPS where no one has gone before. I need to perform
> CRL (Certificate Revocation List) tests on a Net::LDAPS connection.
>
> I found the necessary option in IO::Socket:SSL: SSL_check_crl
>
> However Net::LDAPS does not seem to support it. I poked around
> Net::LDAP.pm and found a place to put it so it will pass on the value to
> IO::Socket::SSL.
>
> At line 201 I added:
> SSL_check_crl=$arg->{'checkcrl'} ? 1 : 0,
>
> So I followed the docs in Net::SSLeay on where to place the CRL so the test
> environment looks good. So when I run it, perl crashes. When the checkcrl
> option is turned off no problems... CA testing works etc.
>
> Can anyone offer any insight or a place to start looking?
I am just guessing (I dunno whether this works or not ;-):
Did you set capath ?
Acording to the man page it is necessary.
What were your options to the constructor of Net::LDAP ?
What does the directory pointed to by capath look like ?
> My Envoronment:
> openssl 0.98a
version 0.98 is modern enough (says man page)
CU
Peter
--
Peter Marschall
eMail: [EMAIL PROTECTED]
