Re: TLS: during handshake: Peer certificate is not trusted: kSecTrustResultRecoverableTrustFailure

--On Saturday, October 3, 2020 12:36 AM +0000 Siddharth Jain siddjain@live.com wrote:

But ldapsearch throws an error:

$ ldapsearch -d 1 -x -H ldaps://ldap.foo.com:636 ... -ZZ

This is not valid.

Either you:

(a) use ldap:// with -ZZ (startTLS)

OR

(b) use ldaps://

Both will result in a TLS secured connection if successful

But you absolutely CANNOT combine startTLS + ldaps://

Regards, Quanah

--

Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com