[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: ignore server cert verification.



"man -M $MANPATH_FOR_OPENLDAP ldap.conf", read "TLS_REQUEST", I guess
the LDAP API should have the corresponding one.

Gary

-----Original Message-----
From: Abdul Basit [mailto:abasit@basit.cc] 
Sent: Friday, March 04, 2005 9:37 AM
To: Tay, Gary
Cc: openldap-software@openldap.org
Subject: RE: ignore server cert verification.



Right, but is there a way to ignore server CA verification
in ldap API? by default openssl does not verify it.
is it LDAP that's bailing out?

thanks
basit


On Thu, 3 Mar 2005, Tay, Gary wrote:

> I think Verisign shld send u an "intermediate trust CA cert" or 
> something like that to help u add it to CA list and then yr test cert 
> can be recognized.
>
> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org] On Behalf Of Abdul Basit
> Sent: Friday, March 04, 2005 7:25 AM
> To: openldap-software@OpenLDAP.org
> Subject: ignore server cert verification.
>
>
>
> Hello,
>
>  my slapd is using a test certificate from verisign, and is not 
> available in trusted CA file that the client is using, therefore i am 
> getting this inside my client code.
>
> SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
>
>  Can anyone please tell me how can i ignore server cert verification?
>
> Thanks
> Basit
>