Hello, I am running OpenLDAP-2.3.32 on both a Linux server (using SLAPD) and a Linux client.
On the client, I am doing the following:
ldap_initialize(&ldap, ldapuri); - works fine.
ldap_set_option(ldap, LDAP_OPT_PROTOCOL_VERSION, &ldapver); - ldapver = 3 - works fine.
Err = ldap_set_option(ldap, LDAP_OPT_X_TLS_CACERTFILE, "/usr/local/etc/openldap/cacert.pem");
Err comes back as a -1. If I replace ldap with NULL, I do not get the error.
Has anyone seen this error?
Thanks,
Phil Bellino

============================
Phil Bellino
MRV Communications, Inc.
Boston Product Division
295 Foster St.
Littleton, MA 01460
Tel: (978)952-4807
Email: pbellino@mrv.com
============================

Philip Bellino wrote:
> Hello, I am running OpenLDAP-2.3.32 on both a Linux server (using SLAPD) and a Linux client.
> On the client, I am doing the following:
> ldap_initialize(&ldap, ldapuri); - works fine.
> ldap_set_option(ldap, LDAP_OPT_PROTOCOL_VERSION, &ldapver); - ldapver = 3 - works fine.
> Err = ldap_set_option(ldap, LDAP_OPT_X_TLS_CACERTFILE, "/usr/local/etc/openldap/cacert.pem");
> Err comes back as a -1. If I replace ldap with NULL, I do not get the error.
> Has anyone seen this error?

In OpenLDAP 2.3 and older, the CACERTFILE is a global setting. You cannot set it just for a particular LDAP session. Using NULL is the normal method for setting a global option, which is why that works without any error.
In OpenLDAP 2.4 you can set these items on a per-session basis.
openldap-software@openldap.org