Hi everyone,
 
I am trying to write an LDAP browser that uses both plain text and TLS. The plain text works fine, but when I am using "ldap_start_tls_s" I get an error:
 
ldap_start_tls: Connect error (-11) additional info: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
 
Also just to note ldapsearch works fine.
 
ldapsearch -vLxZZ -b "dc=example,dc=com" "(objectClass=*)"
 
no problem with this.
 
My code fragment is below:
 

    if ((ld = ldap_init(ldap_host, LDAP_PORT)) == NULL) {
        perror("ldap_init failed");
        exit(EXIT_FAILURE);
    }

    /* set the LDAP version to be 3 */
    if (ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &desired_version) != LDAP_OPT_SUCCESS) {
        ldap_perror(ld, "ldap_start_tls" == NULL ? "" : "ldap_set_option");
        exit(EXIT_FAILURE);
    }

    if (ldap_start_tls_s(ld, NULL, NULL) != LDAP_SUCCESS) {
        ldap_perror(ld, "ldap_start_tls");
        exit(EXIT_FAILURE);
    }

Please help :(
 
Thanks,
 
Shawn
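
Added example, not part of the original post: a small C decoder for the diagnostic line quoted above, which separates the LDAP client result (-11) from the OpenSSL packed error code and shows that the failure is raised in the TLS layer while the server certificate is being verified. It assumes the pre-3.0 OpenSSL packing of library, function and reason into one code; the names parse_tls_diag, is_cert_verify_failure and struct tls_diag are hypothetical.

```c
/* Added example, not from the post. Assumes OpenSSL's pre-3.0 error
 * packing: lib << 24 | func << 12 | reason. Names are hypothetical. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct tls_diag {
    int ldap_rc;                 /* client-side LDAP result, e.g. -11 */
    unsigned long packed;        /* OpenSSL packed error code */
    unsigned lib, func, reason;  /* fields unpacked from the code */
    char reason_text[64];        /* last colon-separated field */
};

/* Returns 0 on success, -1 if the line lacks the expected fields. */
int parse_tls_diag(const char *line, struct tls_diag *out)
{
    const char *p = strchr(line, '('), *e = strstr(line, "error:");
    char *end;
    if (p == NULL || e == NULL)
        return -1;
    out->ldap_rc = (int)strtol(p + 1, &end, 10);
    if (end == p + 1 || *end != ')')
        return -1;
    out->packed = strtoul(e + 6, &end, 16);
    if (end == e + 6 || *end != ':')
        return -1;
    out->lib    = (unsigned)((out->packed >> 24) & 0xffUL);
    out->func   = (unsigned)((out->packed >> 12) & 0xfffUL);
    out->reason = (unsigned)(out->packed & 0xfffUL);
    /* *end is ':', so strrchr cannot return NULL here. */
    snprintf(out->reason_text, sizeof out->reason_text, "%s", strrchr(end, ':') + 1);
    return 0;
}

/* 20 is ERR_LIB_SSL and 134 is SSL_R_CERTIFICATE_VERIFY_FAILED. */
int is_cert_verify_failure(const struct tls_diag *d)
{
    return d->lib == 20 && d->reason == 134;
}

int main(void)
{
    const char *line = "ldap_start_tls: Connect error (-11) additional info: "
        "error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:"
        "certificate verify failed";   /* the line quoted in the post */
    struct tls_diag d;
    if (parse_tls_diag(line, &d) != 0)
        return 1;
    printf("rc=%d lib=%u func=%u reason=%u (%s)\n", d.ldap_rc, d.lib, d.func, d.reason, d.reason_text);
    return 0;
}
```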