RE: Using TLS

--On Friday, June 23, 2017 10:31 PM +0000 Daniel Le daniel.le@exfo.com wrote:

Thanks Quanah.

Using OpenLDAP API, is it correct to set client TLS option to -not- validate server certificates as follows?

int opt; opt = LDAP_OPT_X_TLS_NEVER; rc = ldap_set_option(NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, &opt);

You still have to reinitialize the global context, as in my commit, for the filehandle. So you'd want these two lines to be following:

int new_ctx = 0; rc = ldap_set_option(ld, LDAP_OPT_X_TLS_NEWCTX, &new_ctx)

etc.

--Quanah

--

Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com