Unable to bind sample program to LDAP server via SSL (ldaps://)

I have a sample program here that is trying to connect to an LDAP server on the secured port (ldaps://). However, the sample program is not able to bind to the server.

#define LDAP_DEPRECATED 1
#include <stdio.h>
#include <ldap.h>

#define BIND_DN "dc=example,dc=com"
#define BIND_PW "secret"

int main(void) {
    LDAP *ld;
    int rc;
    int reqcert = LDAP_OPT_X_TLS_NEVER;   /* do not check the server certificate */
    int version = LDAP_VERSION3;

    /* ldap_initialize() returns an LDAP result code, not errno */
    rc = ldap_initialize(&ld, "ldaps://192.168.1.51:10636");
    if (rc != LDAP_SUCCESS) {
        fprintf(stderr, "ldap_initialize: %s\n", ldap_err2string(rc)); /* no error here */
        return 1;
    }

    ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version);
    ldap_set_option(ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &reqcert);

    /* with ldaps:// the TLS handshake happens here, on the first operation */
    rc = ldap_bind_s(ld, BIND_DN, BIND_PW, LDAP_AUTH_SIMPLE);

    if (rc != LDAP_SUCCESS) {
        fprintf(stderr, "ldap_bind_s: %s\n", ldap_err2string(rc));
        return 1;
    }
    printf("Initial Authentication successful\n");
    ldap_unbind(ld);
    return 0;
}

However, with START_TLS the sample program successfully binds to the LDAP server running on port 10389. The ldapsearch client is able to connect to the server and search the user base tree, but the sample program above does not.

To get it working with START_TLS, here is what I have added:

    ldap_set_option(ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &reqcert);
    /* explicit TLS negotiation on the plain-text port */
    rc = ldap_start_tls_s(ld, NULL, NULL);
    if (rc != LDAP_SUCCESS) {
        fprintf(stderr, "ldap_start_tls_s: %s\n", ldap_err2string(rc));
    }

Can someone point out what I am missing here for binding to the LDAP server via ldaps://?

Ashwin asked Jun 06 '13 12:06

1 Answer

Edit /etc/openldap/ldap.conf and add the line:

TLS_REQCERT never

Then try again.

Z. Liu answered Sep 24 '22 03:09
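A note on what the answer above actually changes. `TLS_REQCERT never` in /etc/openldap/ldap.conf tells every libldap client on the host (ldapsearch, PAM/NSS modules, the sample program) to stop checking the server's certificate, so ldaps:// still encrypts but no longer authenticates the server; anyone who can intercept the connection can present their own certificate and read the bind password. The reason the per-handle `LDAP_OPT_X_TLS_REQUIRE_CERT` call in the question did not help is that libldap only builds a TLS context from a handle's own TLS settings when `LDAP_OPT_X_TLS_NEWCTX` is set on that handle afterwards; without it the default context, built from ldap.conf, is used, which is why editing ldap.conf "works". The fix that keeps verification is to point `TLS_CACERT` at the CA that issued the server's certificate and leave `TLS_REQCERT` at its default of `demand`.

The script below is an added example, not code from the question or the answer, and it talks to no server: it reads an ldap.conf and reports the server-certificate policy libldap will apply, following ldap.conf(5) (default `demand`; `LDAPTLS_REQCERT` in the environment overrides the file). The two config files it builds are constructed for the example, and the CA path in the hardened one is hypothetical.

```shell
#!/bin/sh
# Added example (not from the question or answer above).
# Reports the server-certificate policy libldap will apply, from an
# ldap.conf file plus the LDAPTLS_REQCERT environment override.
# Semantics follow ldap.conf(5): TLS_REQCERT defaults to "demand";
# "never" and "allow" do not enforce verification, "try" enforces it
# only when the server bothers to send a certificate, "demand"/"hard"
# always enforce it.

# Usage: ldap_tls_policy /path/to/ldap.conf
# Prints: "<no-verify|optional-verify|verify|unknown> <ca-path|none>"
ldap_tls_policy() {
    conf="$1"
    # libldap reads the file top to bottom, so the last directive wins
    reqcert=$(awk 'toupper($1) == "TLS_REQCERT" { v = tolower($2) } END { print v }' "$conf")
    ca=$(awk 'toupper($1) == "TLS_CACERT" || toupper($1) == "TLS_CACERTDIR" { v = $2 } END { print v }' "$conf")
    # An LDAPTLS_REQCERT environment variable overrides the file, so a
    # stray export in a cron job or service unit silently disables checking
    if [ -n "$LDAPTLS_REQCERT" ]; then
        reqcert=$(printf '%s' "$LDAPTLS_REQCERT" | tr 'A-Z' 'a-z')
    fi
    [ -n "$reqcert" ] || reqcert=demand
    [ -n "$ca" ] || ca=none
    case "$reqcert" in
        never|allow) policy=no-verify ;;
        try)         policy=optional-verify ;;
        demand|hard) policy=verify ;;
        *)           policy=unknown ;;
    esac
    echo "$policy $ca"
}

# Constructed sample configs: the answer's "never" fix versus a config that
# trusts the server's issuing CA instead (hypothetical path).
tmp=$(mktemp -d)
cat > "$tmp/weak.conf" <<'EOF'
# what the accepted answer adds: every libldap client on this host stops
# checking who it is talking to
TLS_REQCERT never
EOF
cat > "$tmp/hardened.conf" <<'EOF'
# trust the CA that issued the LDAP server's certificate and keep
# verification mandatory
TLS_CACERT  /etc/openldap/certs/ldap-ca.pem
TLS_REQCERT demand
EOF

echo "weak:             $(ldap_tls_policy "$tmp/weak.conf")"
echo "hardened:         $(ldap_tls_policy "$tmp/hardened.conf")"
# the same hardened file, undone by the environment
echo "hardened + env:   $(LDAPTLS_REQCERT=never; export LDAPTLS_REQCERT; ldap_tls_policy "$tmp/hardened.conf")"
```

Run it against the real /etc/openldap/ldap.conf (and ~/.ldaprc, which libldap reads after it) on a host where the answer's fix was applied; anything other than `verify` with a CA path means the bind password is sent to whoever answers on port 10636. For the C client itself, the equivalent is to keep `LDAP_OPT_X_TLS_REQUIRE_CERT` at `LDAP_OPT_X_TLS_DEMAND`, set `LDAP_OPT_X_TLS_CACERTFILE` to the CA file, and then set `LDAP_OPT_X_TLS_NEWCTX` on the handle before the bind so those per-handle settings are the ones used.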