Client Authentication & TLS API
- To: openldap-software@OpenLDAP.org
- Subject: Client Authentication & TLS API
- From: Sangita Mohan <sangitam@qualcomm.com>
- Date: Tue, 19 Apr 2005 16:58:29 -0700
- In-reply-to: <6.2.2.1.2.20050225163328.050e43b0@unixmail.qualcomm.com>
- References: <6.2.2.1.2.20050216165455.04776ef8@unixmail.qualcomm.com> <4213F394.70209@symas.com> <87is4lvyik.fsf@vzell-de.de.oracle.com> <6.2.2.1.2.20050225163328.050e43b0@unixmail.qualcomm.com>
Hi,
I am trying to get client authentication via TLS working.
My code looks like
ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTFILE, "C:\\ldap\\certs\\certs.p7b");
ldap_initialize(&pLd, "ldaps://myldapserver.com:636");
ldap_set_option( pLd, LDAP_OPT_PROTOCOL_VERSION, &ldap_version);
ldap_simple_bind_s(pLd, domain_name, password);
I enabled logging and these are the contents of my log file.
ldap_create
ldap_url_parse_ext(ldaps://myldapserver.com:636)
ldap_simple_bind_s
ldap_sasl_bind_s
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection
ldap_int_open_connection
ldap_connect_to_host: TCP myldapserver.com:636
ldap_new_socket: 996
ldap_prepare_socket: 996
ldap_connect_to_host: Trying 128.61.3.251:636
ldap_connect_timeout: fd: 996 tm: -1 async: 0
ldap_ndelay_on: 996
ldap_ndelay_off: 996
TLS: could not load verify locations (file:`C:\ldap\certs\certs.p7b',dir:`').
ldap_result msgid 56640
ldap_chkResponseList for msgid=56640, all=0
ldap_chkResponseList for msgid=56640, all=0
ldap_int_select
ldap_abandon 56640
ldap_abandon_ext 56640
do_abandon origid 56640, msgid 56640
ldap_msgdelete
If I use the following code instead
ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTFILE, "C:\\ldap\\certs\\certs.p7b");
pLd = ldap_init( server, 636 );
ldap_set_option( pLd, LDAP_OPT_PROTOCOL_VERSION, &ldap_version);
ldap_start_tls_s(pLd, NULL, NULL);
ldap_simple_bind_s(pLd, domain_name, password);
I am still unable to connect to the server. The contents of the log file are
ldap_create
ldap_extended_operation_s
ldap_extended_operation
ldap_send_initial_request
ldap_new_connection
ldap_int_open_connection
ldap_connect_to_host: TCP myldapserver.com:636
ldap_new_socket: 1008
ldap_prepare_socket: 1008
ldap_connect_to_host: Trying 128.61.3.251:636
ldap_connect_timeout: fd: 1008 tm: -1 async: 0
ldap_ndelay_on: 1008
ldap_ndelay_off: 1008
ldap_open_defconn: successful
ldap_send_server_request
ldap_result msgid 1
ldap_chkResponseList for msgid=1, all=1
ldap_chkResponseList for msgid=1, all=1
ldap_int_select
read1msg: msgid 1, all 1
ldap_simple_bind_s
ldap_sasl_bind_s
ldap_sasl_bind
ldap_send_initial_request
ldap_send_server_request
ldap_result msgid 2
ldap_chkResponseList for msgid=2, all=1
ldap_chkResponseList for msgid=2, all=1
ldap_int_select
read1msg: msgid 2, all 1
ldap_result msgid 53354
ldap_chkResponseList for msgid=53354, all=0
ldap_chkResponseList for msgid=53354, all=0
ldap_int_select
read1msg: msgid 53354, all 0
ldap_abandon 53354
ldap_abandon_ext 53354
do_abandon origid 53354, msgid 53354
ldap_msgdelete
ldap_free_request (origid 2, msgid 2)
ldap_free_request (origid 1, msgid 1)
ldap_free_connection
ldap_send_unbind
ldap_free_connection: actually freed
Thanks much in advance.
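
An added example, not part of the original post or of OpenLDAP: a dependency-free C pre-check that reports how a file intended for LDAP_OPT_X_TLS_CACERTFILE is encoded, since the first log above stops at "could not load verify locations". It assumes libldap is built against OpenSSL, whose CA-file loader reads PEM certificate blocks; the function names and the sample buffers are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Encodings a file passed as LDAP_OPT_X_TLS_CACERTFILE might turn out to have. */
typedef enum { CA_UNREADABLE, CA_PEM_CERTS, CA_PEM_PKCS7, CA_DER_BINARY, CA_UNKNOWN } ca_format;

/* Constructed samples (not real certificates): only the framing matters here. */
static const char SAMPLE_PEM[] = "-----BEGIN CERTIFICATE-----\nQ09OU1RSVUNURUQ=\n-----END CERTIFICATE-----\n";
static const char SAMPLE_P7B[] = "-----BEGIN PKCS7-----\nQ09OU1RSVUNURUQ=\n-----END PKCS7-----\n";
static const unsigned char SAMPLE_DER[] = { 0x30, 0x82, 0x01, 0x0a, 0x06, 0x09 };

/* Substring search over a buffer that may contain NUL bytes. */
static int contains(const unsigned char *buf, size_t len, const char *needle) {
    size_t n = strlen(needle);
    for (size_t i = 0; n <= len && i <= len - n; i++)
        if (memcmp(buf + i, needle, n) == 0) return 1;
    return 0;
}

/* Classify by PEM label first, then by the DER SEQUENCE tag (0x30). */
ca_format classify_ca_bundle(const unsigned char *buf, size_t len) {
    if (buf == NULL || len == 0) return CA_UNREADABLE;
    if (contains(buf, len, "-----BEGIN CERTIFICATE-----")) return CA_PEM_CERTS;
    if (contains(buf, len, "-----BEGIN PKCS7-----")) return CA_PEM_PKCS7;
    if (buf[0] == 0x30) return CA_DER_BINARY;
    return CA_UNKNOWN;
}

/* Read up to 64 KiB of the file and classify it; a missing file is CA_UNREADABLE. */
ca_format classify_ca_file(const char *path) {
    static unsigned char buf[65536];
    FILE *f = fopen(path, "rb");
    if (f == NULL) return CA_UNREADABLE;
    size_t len = fread(buf, 1, sizeof buf, f);
    fclose(f);
    return classify_ca_bundle(buf, len);
}

int main(int argc, char **argv) {
    static const char *names[] = { "unreadable or empty", "PEM certificates",
                                   "PEM-armoured PKCS#7", "binary DER", "unknown" };
    if (argc > 1) {  /* exit status 0 only when the file looks like a PEM certificate bundle */
        ca_format fmt = classify_ca_file(argv[1]);
        printf("%s: %s\n", argv[1], names[fmt]);
        return fmt == CA_PEM_CERTS ? 0 : 1;
    }
    printf("sample PKCS#7: %s\n", names[classify_ca_bundle((const unsigned char *)SAMPLE_P7B, sizeof SAMPLE_P7B - 1)]);
    return 0;
}
```

The check looks only at the framing (PEM label or leading DER tag), so a CA_PEM_CERTS result does not prove the base64 body decodes to valid certificates.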