Re: Allow invalid certificates for a single host

[Jared <list-389@legroom.net>]

On 10/09/2013 01:45 PM, Michael Ströder wrote:
> You want to use OpenLDAP command-line tools?
> 
> Why don't you just set env var LDAPCONF to the config file you need?
> 
> You could also override certain configuration items by setting the
> accompanying env var.

correct, this is using the ldapsearch command shipped with RHEL 6.4
(2.4.23-32.el6_4.1, to be specific).

As mentioned in both my original post as well as my last response to
Chad, I did try setting LDAPRC to point to a separate file, but didn't
have any luck with that.  I did not think to try LDAPCONF, though, so
thank you for that suggestion.  Unfortunately, I had the same result -
my ~/.ldaprc file gets sourced in addition to $LDAPCONF, and that
conflicts with or overrides the settings in $LDAPCONF, so it still fails.

By the environmental variables, just to clarify, you're referring to
LDAPTLS_REQCERT and the like, right?  I've tried that as well, but still
no luck.  Chad had also suggested this, and I showed in my reply back to
him what happens when I try that.

-- 
Jared