Hi everyone,
I am trying to write an LDAP browser that uses both plain text and TLS.The plain text works fine but when I am using "ldap_start_tls_s" I get an error:
ldap_start_tls: Connect error (-11) additional info: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Also just to note ldapsearch works fine.
ldapsearch -vLxZZ -b "dc=example,dc=com" "(objectClass=*)"
no problem with this.
My code fragment is below:
if ((ld = ldap_init(ldap_host, LDAP_PORT)) == NULL ) {
perror( "ldap_init failed" );
exit( EXIT_FAILURE );
}
/* set the LDAP version to be 3 */
if (ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &desired_version) != LDAP_OPT_SUCCESS)
{
ldap_perror(ld, "ldap_set_option");
exit(EXIT_FAILURE);
}
if(ldap_start_tls_s(ld,NULL,NULL)!=LDAP_SUCCESS)
{
ldap_perror(ld, "ldap_start_tls");
exit(EXIT_FAILURE);
}
Please help :(
Thanks,
Shawn