[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: TLS/SSL in OpenLDAP 2.0 gamma clients

To: Art Corcoran <acorcoran@vitria.com>
Subject: RE: TLS/SSL in OpenLDAP 2.0 gamma clients
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Thu, 24 Aug 2000 16:45:13 -0700
Cc: "'openldap-software@openldap.org'" <openldap-software@OpenLDAP.org>
In-reply-to: <55436653EBCAD3119AA7009027C406FFABE647@vt-sjc-ms2.vitria.c om>

At 04:24 PM 8/24/00 -0700, Art Corcoran wrote:
>OK, so the StartTLS method makes a request over the default port (389) to invoke the startTLS extended operation, right?

Yes.

>Unfortunately, when I try that I get a "protocol error" from iPlanet.  I assume that means iPlanet doesn't support StartTLS.  :-( 

Likely.  You can examine their root DSE to see if the Start TLS request
OID is listed in supportedExtension.

>The LDAPS is what I really wanted to do anyway.  Unfortunately, the -h option to ldapsearch is for host names only, not for URLs (this arg is passed unmodified to ldap_init(), which wants a hostname).

Well, that's the way I thought it was suppose to work (I don't use
ldaps:// myself).  Report it as a bug using the Issue Tracking System
(http://www.openldap.org/its/).

        Kurt

Prev by Date: Re: giving access to write below a branch
Next by Date: Re: get help
Index(es):
- Chronological
- Thread