
Question about using OpenLDAP with TLS



Hi everyone, I had a question about the TLS/SSL side of OpenLDAP.

I would like to create a C program that runs on a computer that uses LDAP as one of its login methods.  Of course I would need to use SSL or Kerberos for secure login.

My knowledge of SSL is small so forgive me.

My question is, when I have an administrator log in to this program just after installation and he/she sets up the LDAP parameters along with the option for TLS LDAP, he/she should obtain an SSL ticket from the LDAP server, right?

The admin should be prompted by the program once to accept or reject the SSL ticket, right?

Where is this ticket stored on the client computer?

Can I keep this ticket so that the user logging in doesn't have to accept the ticket every single time they log in?  Only when the administrator changes LDAP servers would he/she need to accept a new SSL ticket.

Am I on the right track?  Or do I completely have the wrong idea on how LDAP with TLS works?

thanks
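
The accept-once flow asked about above, sketched in C as an added example (it is not part of the original message and is not OpenLDAP code). It assumes the program already has the LDAP server certificate's fingerprint as a hex string from the TLS handshake; the pin file format, file name and function names are hypothetical.

```c
#include <stdio.h>
#include <string.h>

enum pin_result { PIN_UNKNOWN, PIN_MATCH, PIN_MISMATCH };

/* A token is storable if non-empty, short enough, and has no whitespace. */
static int token_ok(const char *s, size_t max)
{
    return *s && strlen(s) < max && !strpbrk(s, " \t\r\n");
}

/* Compare fp with the pin saved for host (file: one "host fingerprint" per line). */
enum pin_result pin_check(const char *path, const char *host, const char *fp)
{
    char h[256], f[128];
    enum pin_result r = PIN_UNKNOWN;
    FILE *fh = fopen(path, "r");
    if (!fh) return r;  /* no pin file: nothing has been accepted yet */
    while (fscanf(fh, "%255s %127s", h, f) == 2)
        if (strcmp(h, host) == 0)   /* latest entry for a host wins */
            r = strcmp(f, fp) == 0 ? PIN_MATCH : PIN_MISMATCH;
    fclose(fh);
    return r;
}

/* Admin setup path only: record that the admin accepted fp for host. */
int pin_accept(const char *path, const char *host, const char *fp)
{
    if (!token_ok(host, 256) || !token_ok(fp, 128)) return -1;
    FILE *fh = fopen(path, "a");
    if (!fh) return -1;
    int ok = fprintf(fh, "%s %s\n", host, fp) > 0;
    return (fclose(fh) == 0 && ok) ? 0 : -1;
}

/* User login path: never prompts; unknown or changed certificates are refused. */
int login_may_proceed(const char *path, const char *host, const char *fp)
{
    return pin_check(path, host, fp) == PIN_MATCH;
}

int main(void)
{
    const char *db = "ldap_pins.txt";             /* hypothetical pin file */
    const char *host = "ldap.example.test", *fp = "AA11BB22"; /* constructed */
    printf("before accept: %d\n", login_may_proceed(db, host, fp));
    if (pin_accept(db, host, fp) != 0) return 1;
    printf("after accept:  %d\n", login_may_proceed(db, host, fp));
    return 0;
}
```

The pin file should be writable only by the administrator account, since anyone who can append to it can approve a different server certificate.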