My mistake, I forgot to configure TLS_CACERT in ldap.conf.
I thought I checked that yesterday evening.
Olivier
On Tue, Sep 3, 2013 at 10:49 AM, Olivier Nicole <Olivier.Nicole@cs.ait.ac.th> wrote:
Hi,
I have a small program that I wrote some time back. It authenticates against an LDAP server.
Linked with the library provided with OpenLDAP 2.3.40 it works fine, but when I tried to upgrade to 2.4.35, it would not bind anymore.
The LDAP server (on a different machine) has not changed, the version of my program with the old library is still working fine.
I am getting the error: Can't contact LDAP server
I am using a self-signed CA.
The program is below.
Thank you in advance,
Olivier
i = ldap_initialize(&ldap, "ldaps://ldap.x.y.z/");
if (i != LDAP_SUCCESS) { ERROR; }

i = ldap_set_option(ldap, LDAP_OPT_REFERRALS, LDAP_OPT_OFF);
if (i != LDAP_OPT_SUCCESS) { ERROR; }

i = ldap_set_option(ldap, LDAP_OPT_RESTART, LDAP_OPT_ON);
if (i != LDAP_OPT_SUCCESS) { ERROR; }

res = LDAP_VERSION3;
i = ldap_set_option(ldap, LDAP_OPT_PROTOCOL_VERSION, &res);
if (i != LDAP_OPT_SUCCESS) { ERROR; }

/* DN contains the dn and passwd contains the password, they are correct */
i = ldap_bind_s(ldap, DN, passwd, LDAP_AUTH_SIMPLE);
if (i != LDAP_SUCCESS) {
    if (i == 49) {
        /* bad user or password */
    } else if (i == 53) {
        /* empty password */
    } else {
        /* print ldap_err2string(i) */
        /* this is where I get the error */
    }
}
--
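A check for the cause found in this thread, as an added example that is not part of the original messages: it audits an ldap.conf-style file for the CA settings libldap needs to verify an ldaps:// server certificate. The function names ldapconf_get and ldapconf_check_tls are hypothetical; TLS_CACERT, TLS_CACERTDIR and TLS_REQCERT are the ldap.conf(5) keywords, and paths containing spaces are assumed not to occur.

```shell
#!/bin/sh
# Added example (not from the thread): audit one ldap.conf-style file.

# Print the last value set for a keyword. Keywords are case-insensitive
# and lines starting with '#' are comments.
ldapconf_get() {
    # $1 = file, $2 = keyword
    awk -v key="$2" '
        /^[ \t]*#/ { next }
        toupper($1) == toupper(key) { val = $2 }
        END { if (val != "") print val }
    ' "$1"
}

# Print "ok" and return 0 when server certificate verification can work;
# otherwise print the reason and return 1.
ldapconf_check_tls() {
    conf=$1
    [ -r "$conf" ] || { echo "unreadable: $conf"; return 1; }
    cacert=$(ldapconf_get "$conf" TLS_CACERT)
    cadir=$(ldapconf_get "$conf" TLS_CACERTDIR)
    reqcert=$(ldapconf_get "$conf" TLS_REQCERT)
    # "never" and "allow" let the session proceed with a bad certificate,
    # which hides a missing CA instead of fixing it.
    case $(echo "$reqcert" | tr 'A-Z' 'a-z') in
        never|allow)
            echo "weak: TLS_REQCERT $reqcert does not enforce verification"
            return 1 ;;
    esac
    if [ -z "$cacert" ] && [ -z "$cadir" ]; then
        echo "missing: no TLS_CACERT or TLS_CACERTDIR"
        return 1
    fi
    if [ -n "$cacert" ] && [ ! -r "$cacert" ]; then
        echo "unreadable CA file: $cacert"
        return 1
    fi
    echo "ok"
}

# Constructed sample: the situation in the thread (ldaps URI, no CA set).
demo=$(mktemp)
printf 'URI ldaps://ldap.x.y.z/\n' > "$demo"
ldapconf_check_tls "$demo" || true
rm -f "$demo"
```

Run the function against each file libldap reads on the client (the system ldap.conf and any per-user ldaprc), since the setting may be present in one and absent in another.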