Rahul Amaram wrote: > I have set up a ldap server with a wildcard certificate. Upon trying to > establish a TLS connection using python ldap, I get the error "TLS: > hostname does not match CN in peer certificate". This works fine if I > use a certificate with the exact domain name. Is this a bug? Are there > any known solutions to this? Looking forward to a response.
Well, personally I'd recommend not to use wildcard certs at all => I never tested anything like this. python-ldap simply relies on OpenLDAP libs which in turn rely on OpenSSL. Hmm, so this should be probably raised on the openldap-software mailing list. > P.S: "ldapwhoami" command establishes a TLS connection properly even > when using a wild-card certificate. So I am assuming it might be a > problem with python-ldap library. You might wanna dive into the source of ldapwhoami and look up which options they set. BTW: Are you sure that your local python-ldap installation uses the same OpenLDAP client libs like the ldapwhoami command-line tool? Ciao, Michael. ------------------------------------------------------------------------- Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW! Studies have shown that voting for your favorite open source project, along with a healthy diet, reduces your potential for chronic lameness and boredom. Vote Now at http://www.sourceforge.net/community/cca08 _______________________________________________ Python-LDAP-dev mailing list Python-LDAP-dev@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/python-ldap-dev
