Hi,
I am trying to write a simple C program that can
connect to my university's LDAP server. However, each
time I try to connect, I get the following error
messages:
ldap_start_tls_s: Connect error (91)
additional info: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate
verify failed
ldap_simple_bind_s: Can't contact LDAP server (81)
additional info: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate
verify failed
It would seem as if ldap_start_tls_s is unable to
recognise a certificate that is sent by the server.
Is there any way of ignoring the certificate?
Here is my code:
// begin tlstest.c
#include <stdio.h>
#include <ldap.h>
int main()
{
LDAP *ldapStruct;
int ldap_vers = LDAP_VERSION3;
int ldap_tls = LDAP_OPT_X_TLS_ALLOW;
ldapStruct = ldap_init("ldap.usherbrooke.ca",
LDAP_PORT);
if(ldap_set_option(ldapStruct,LDAP_OPT_PROTOCOL_VERSION,&ldap_vers)
!= LDAP_SUCCESS)
{
ldap_perror( ldapStruct, "ldap_set_option" );
}
if(ldap_start_tls_s(ldapStruct,NULL,NULL) !=
LDAP_SUCCESS)
{
ldap_perror( ldapStruct, "ldap_start_tls_s" );
}
if ( ldap_simple_bind_s( ldapStruct, "ou=lanj1703,
dc=USherbrooke, dc=ca", "12testing" ) != LDAP_SUCCESS
)
{
ldap_perror( ldapStruct, "ldap_simple_bind_s" );
}
return (0);
}
// end of tlstest.c
I compile it using :
gcc -lldap tlstest.c -o tlstest
Thanks!
__________________________________
Do you Yahoo!?
New and Improved Yahoo! Mail - 100MB free storage!
http://promotions.yahoo.com/new_mail