Hi Michael,
On Monday, 28. May 2012, Michael Ströder wrote:
Peter Marschall wrote:
On Monday, 28. May 2012, Philip Guenther wrote:
On Mon, 28 May 2012, Michael Ströder wrote:
Peter Marschall wrote:
how do the openldap tools technically verfify certificates with ldapi:// ?
Which certs do you want to verify?
I assume the answer is "the one the server returns when you do StartTLS on the ldapi:// connection".
Correct.
So if the quite liberal RFC 6125 does not provide any inspiration this boils down to being undefined. StartTLS over LDAPI is an unusal scenario anyway.
Thanks for your reply. It helps a bit ("looking at the issue from the standard angle"), but my question was how the openldap tools do it.
Best Peter