Re: start_tls and Net::LDAPS

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Since you have the TLS extension in your server, it may be
that you have to use the vendor's api to use TLS.

That is the situation in our case, our directory supports
TLS but we have to use the vendors api(s) to get it to work.

Regards,

Clif

On Tue, Oct 08, 2002 at 11:50:07AM -0500, Bing Du wrote:
> Thanks Chris.  Actually I did try doing start_tls before bind after my
> first post.  But it was not getting any better.
> 
> =====

Stuff removed.

> > 
> > It is unusual to do the bind in the clear, and then turn on TLS afterwards.
> > That might be what you wanted, but normally you'd turn on TLS before issuing
> > any bind. That would be more similar to just making an LDAPS connection,
> > though incurring the extra overhead of the extended operation and result.
> > 
> > The second oddity is that you're not waiting for the bind to succeed. Try
> > checking for that before you call start_tls. Maybe there's an issue with
> > there being outstanding results on the socket when we try switching it, so
> > waiting for the bind result should address that.
> > 
> > Cheers,
> > 
> > Chris
> > 
> 