Hi, all I wonder the ldap_api ldap_start_tls_s() function really do ? How do it make sure that the certificate that is passed over is valid and indeed belong to the server. Thanz sze yee