Thanks,  that helps it's now working. 

Don 

On Sunday, September 10, 2017, 2:51:15 PM MDT, Quanah Gibson-Mount <quanah@symas.com> wrote:


--On Sunday, September 10, 2017 2:25 PM +0200 Michael Ströder
<michael@stroeder.com> wrote:
> I thought you have to set LDAP_OPT_X_TLS_NEWCTX to 0 *after* setting all
> TLS-related options to let libldap reinitialize the client's SSL context.
> Doesn't that work as expected?

Well, my point was, he's doing:

ldap_set_option (ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &reqcert);

when instead you have to do:

ldap_set_option (NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, &reqcert);

and then set up a new TLS context.

--Quanah


--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>