From: Chris R. <Chr...@me...> - 2000-06-21 16:54:48
On Wed, 21 Jun 2000 00:44:53 BST, Graham Barr wrote:
> ----- Forwarded message from Carol Mattsson <mat...@cu...> -----
>
> Date: Tue, 20 Jun 2000 16:33:32 -0700
> From: Carol Mattsson <mat...@cu...>
> X-Mailer: Mozilla 4.72 [en] (WinNT; I)
> To: gb...@po...
> Subject: Net::LDAP - how to connect over SSL?
>
> Hi Graham,
>
> I'm trying out Net::LDAP and am a current PerLDAP user. I want to bind
> over SSL. Is that just a PerLDAP thing or can I do it with Net::LDAP as
> well?
>
> To do this in PerLDAP I connect via port 636 and give my Netscape
> certificate, named "cert7.db."
>
> I see ldap->new takes a port number to connect to, but where/how do I
> specify the location of the certificate?
>
> Thanks in advance,
> Carol Mattsson
> _________________________________________________________________
> Carol Mattsson
> ESP User Accounts Management
> Hewlett-Packard Company (MS 46U-A) Email: mat...@cu...
> 19091 Pruneridge Ave. phone: (408)447-2779
> Cupertino, CA USA 95014-0794 FAX: (408)447-1682
> _________________________________________________________________
>
> ----- End forwarded message -----
>

There are two ways to do this. One is to use an SSL connection to the server, and transfer LDAP over it. This is called the LDAPS protocol, and it is deprecated. The correct way to do this is to use a normal LDAP connection and then to use the startTLS control to switch the connection to using TLS (which is a standardized version of SSL.)

A while ago I had a module called Net::LDAPS which used OpenSSL etc, and which worked OK. However it broke due to recent architectural changes in Net::LDAP, and I haven't fixed it yet. I also want to make it do startTLS.

So the short answer is 'no', not yet. But I will try hard and fix my Net::LDAPS module. Stay tuned...

Cheers,

Chris