Hey Michael,
thanks for remembering! I will it out!
Best,
Fredrik
Michael Ströder schrieb:
> Fredrik,
>
> I've learned the hard way now that settings in .ldaprc and ldap.conf have
> precedence over what you set in your Python code via ldap.set_option() or
> LDAPObject.set_option(). Best thing
Fredrik,
I've learned the hard way now that settings in .ldaprc and ldap.conf have
precedence over what you set in your Python code via ldap.set_option() or
LDAPObject.set_option(). Best thing is to use this code-line to completely
switch off processing of .ldaprc and ldap.conf in libldap:
os.env
> Hmm, there's nothing you can do at the python-ldap level. AFAIK cert
> validation is completely done within the OpenSSL libs, except the host name
> checking.
>
> Could you please test with OpenLDAP's command-line tool ldapsearch. This is
> important: Please use the tool which uses the very same
Fredrik Melander wrote:
> I've given my LDAP server an expired cert for testing, but when calling
> start_tls_s() the script just proceeds as were nothing wrong.
Hmm, there's nothing you can do at the python-ldap level. AFAIK cert
validation is completely done within the OpenSSL libs, except the h
