Rich Megginson wrote:
> Is it possible to use two different CA certs in a single python-ldap 
> app?

There are two options:

1. Stuff all trusted CA certs into one "PEM" file and use
ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, '/path/to/allcacerts.pem')

2. Copy all CA certs in a directory and use
ldap.set_option(ldap.OPT_X_TLS_CACERTDIR, '/path/to/cacerts')

For faster look up with option 2 you should generate symbolic links as
described here:
http://gagravarr.org/writing/openssl-certs/others.shtml#ca-openssl

ln -s my_ca.crt `openssl x509 -hash -noout -in my_ca.crt`.0

I think you can find plenty of docs about how OpenSSL handles multiple
CA certs.

BTW: With OpenLDAP 2.4 client libs you can also set
ldap.OPT_X_TLS_CACERTDIR connection-specific.

Ciao, Michael.
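
Added example, not part of Michael's message: the `ln -s` one-liner above applied to every CA cert in a directory, taking the next free suffix when two CAs share a subject hash. The function names `link_ca_certs` and `make_demo_dir` are hypothetical; it assumes `openssl` is on PATH and that CA files end in `.crt` or `.pem`.

```shell
#!/bin/sh
# Added example: create OpenSSL subject-hash links for each CA cert in a directory.
# Prints the number of links created. Assumes `openssl` is on PATH.
link_ca_certs() {
    dir=$1
    created=0
    for cert in "$dir"/*.crt "$dir"/*.pem; do
        [ -f "$cert" ] || continue      # unmatched glob, or not a regular file
        # Files that do not parse as X.509 certificates are skipped.
        hash=$(openssl x509 -hash -noout -in "$cert" 2>/dev/null) || continue
        fp=$(openssl x509 -fingerprint -sha256 -noout -in "$cert")
        n=0
        dup=0
        # Two CAs with the same subject share a hash: take the first free
        # suffix (.0, .1, ...) unless this exact cert is already linked.
        while [ -e "$dir/$hash.$n" ] || [ -L "$dir/$hash.$n" ]; do
            old=$(openssl x509 -fingerprint -sha256 -noout \
                -in "$dir/$hash.$n" 2>/dev/null) || old=
            if [ "$old" = "$fp" ]; then dup=1; break; fi
            n=$((n + 1))
        done
        if [ "$dup" -eq 0 ]; then
            ln -s "$(basename "$cert")" "$dir/$hash.$n"
            created=$((created + 1))
        fi
    done
    echo "$created"
}

# Constructed sample input: throwaway self-signed CAs in a temp directory.
# a.crt and b.crt share a subject (same hash); c.crt has a different one.
make_demo_dir() {
    d=$(mktemp -d)
    for spec in "a:Constructed CA One" "b:Constructed CA One" "c:Constructed CA Two"; do
        openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
            -subj "/CN=${spec#*:}" -keyout "$d/${spec%%:*}.key" \
            -out "$d/${spec%%:*}.crt" 2>/dev/null
    done
    echo "$d"
}

# Usage: sh link_ca_certs.sh /path/to/cacerts
if [ "$#" -ge 1 ]; then link_ca_certs "$1"; fi
```

`openssl rehash` (OpenSSL 1.1.0 and later) and the older `c_rehash` script build the same links.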

_______________________________________________
Python-LDAP-dev mailing list
Python-LDAP-dev@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/python-ldap-dev