[Date Prev][Date Next] [Chronological] [Thread] [Top]

TLS/SSL some questions...



Hi,

I've some questions about the TLS/SSL protocol...

- what does the API ldap_start_tls_s()? Does it just start the handshaking?
Does it ask the LDAP Server for its certificate?Don't you need the issuer
certif
at the client side to be able to verify it or does it always simply accept
the issuer?

- how can i avoid that the api asks for the pass phrase of the secret key?
   /* CLIENTS CERTS AND KEYS */
   rc = ldap_pvt_tls_set_option(NULL, LDAP_OPT_X_TLS_CERTFILE,
"C:\\LDAP\\cl1_crt.pem");
   if ( rc != LDAP_SUCCESS )
   {
   }
   rc = ldap_pvt_tls_set_option(NULL, LDAP_OPT_X_TLS_KEYFILE,
"C:\\LDAP\\cl1_sk.pem");
   if ( rc != LDAP_SUCCESS )
   {
   }

- Does anyone has a good description of the protocol?

Thanks,