Hi OpenLDAP team,
I have a question, simple I hope, for you - I need to send a client certificate to the
OpenLDAP server (using the OpenLDAP API and OpenSSL).
To complete this job, I first initialized LDAP with a URL containing ldaps.
I have set
    LDAP_OPT_PROTOCOL_VERSION -> LDAP_VERSION3
    LDAP_OPT_X_TLS_CONNECT_ARG -> fqdn_of_ldap_server
and then I called ldap_sasl_bind:
    ldap_sasl_bind(mLdapObj, NULL, "EXTERNAL", NULL, NULL, NULL, &msgid);
What I saw is that the certificate from the server was received, but how do I send the client
certificate? I played around with LDAP_OPT_X_TLS_CERTFILE (passing the absolute path to the
.pem file) but nothing. Also, I saw that this parameter was not taken into account - it
looks like the ssl_ctx object used for ssl_connect does not include the path to the file (like the two
global structures used for setting up the ctx know nothing about each other).
Can you help me with this?