Eric Nichols wrote:
I have not been able to figure out how to dump more info on the encryption levels, certificate CN & expiration date etc. Should this be done through the openssl functions? If so, what do I hook them to?
Your rather general questions yield a rather general answer - I would guess that e.g. http://www.symas.com/blog/?page_id=74 and https://help.ubuntu.com/community/SecuringOpenLDAPConnections describe what you are looking for. Note that negotiating TLS with openssl is not yet enabled for LDAP, only for SMTP.
I haven't seen certificate information in any loglevel either, just through stracing the process.
If the purpose is to intercept the encryption mechanisms within the OpenLDAP code, I suggest you try the openldap-devel mailing list for more information.
Hope this helps.