Philip Guenther wrote:
On Thu, 28 Aug 2014, SOMA SEKHAR wrote:
. From what you are saying , I understood that SSL_CTX had conext from which the ca cert is verified for the second time. Please correct me if I am wrong
That's my *guess*, but I may be completely wrong. I no longer have a need to "JUST MAKE IT WORK" for my job, so I'm not going to waste my time reading the openldap source to find a workaround for the stuff that the openldap developers aren't going to stand behind by documenting.
We aren't going to spend our time documenting what individual TLS libraries do. With various distros using GnuTLS or MozNSS, that's clearly beyond our scope.