Hi!
When trying to require integrity for LDAP connections by specifying "ssf=1" in Security, I have a problem with Perl where the cat bites its tail:
It's recommended to query the root DSE for TLS extension before trying to use TLS like this:
my $dse = $ldap->root_dse();
if ($dse->supported_extension(LDAP_EXTENSION_START_TLS)) { my $msg = $ldap->start_tls('verify' => 'require', 'capath' => '/etc/ssl/certs'); ...
Unfortunately the root_dse() fails with the security restriction: "confidentiality required"
Note: The manual says: "0 (zero) implies no protection, 1 implies integrity protection only"
So is "confidentiality" actually "integrity" here, and are here any solutions to this problem?
Regards, Ulrich Windl