Hello,
I was asked to expand some C++ software to do ldap queries with TLS on a server with SSL certificate. We want the server to authenticate by its certificate so our software is protected from fake servers.
Before I dig too deep into the API, I would like to know:
- Is it possible with LDAP API to extract the servers certificate data to verify its integrity? - or should I program it directly with openSSL API?
Thank you for sharing your wisdom,
kind regards, --- Robert Welz
Robert Welz wrote:
Hello,
I was asked to expand some C++ software to do ldap queries with TLS on a server with SSL certificate. We want the server to authenticate by its certificate so our software is protected from fake servers.
Before I dig too deep into the API,
You should think about what you're asking for. This is such a common use case that it is already fully supported. Just read the docs.
http://www.openldap.org/doc/admin24/tls.html
openldap-technical@openldap.org
-
Howard Chu -
Robert Welz