--On Thursday, August 26, 2021 8:57 PM +0200 "A. Schulze" sca@andreasschulze.de wrote:
Am 25.08.21 um 17:43 schrieb Quanah Gibson-Mount:
I took over a service using the Perl NET::LDAPapi. Now I fail to establish an LDAPS connection. Does anybody know if that's even supported and if so, how I've to setup that?
Yes, it's fully supported and has been as long as I've used it (about 2 decades now). For ldaps:// connections, you need to pass in an ldaps:/// URI. It will pull its defaults for TLS like any other libldap linked ldap application.
Hello,
thanks Quanah, for that clarification. I only found [1] that promise TLS-Support when build with a "Mozilla SDK" I also checked I used ldaps:/// (with three /). LDAPTLS_CACERT was also set, as Michael suggested.
ldaps:/// wouldn't be valid by itself, unless you were connecting to the localhost.
I.e., ldaps://my.domain.com:636/ would be valid (or just ldaps://my.domain.com/ if listening on 636 by default).
The documentation hasn't been touched in years. I don't think it even supports compiling against the abandoned mozilla SDK At this point. It will support whatever support libldap has been compiled with.
The primary reason to use Net::LDAPapi is if speed is a concern, as it is significantly faster than Net::LDAP. If it isn't of a concern, then Net::LDAP is fine.
Generally I consider Net::LDAPapi abandonware.
--Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com