[Fwd] Connecting to LDAP over SSL

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

----- Forwarded message from Douglas Gray Stephens <DGr...@sl...> -----

Date: Wed, 24 Jan 2001 19:03:25 +0000
To: per...@li...
Cc: gb...@po...
From: "Douglas Gray Stephens" <DGr...@sl...>
Subject: Connecting to LDAP over SSL
X-Mailer: emacs 20.7.1 (via feedmail 9-beta-7 I);
	VM 6.90 under Emacs 20.7.1

Hi,

I am trying to connect to an LDAP server over SSL (i.e. port 636).

I looked at perldap (v1.4) and perl-ldap (v 0.22), and both hint that
they can connect to an LDAP over SSL.  However perldap appears to want
to use a local certificate for client authenitcation, while is should
be possible to use SSL simple to secure the communications channel.

Using the following perl-ldap snippet can connect to the LDAP server
(without SSL):
  use Net::LDAP;

  $ldap = new Net::LDAP('ldap:389','timeout'=>300) or die "$@";

  $mesg = $ldap->search (  # perform a search
                          base   => "o=slb,c=AN",
                          filter => "alias=dgraystephens"
                         );

  $mesg->code && die $mesg->error;

  foreach $entry ($mesg->all_entries) { $entry->dump; }

however if I try to use an SSL connection, i.e.

  use Net::LDAPS;

  $ldap = new Net::LDAPS('ldap:636') or die "$@";

  $mesg = $ldap->search (  # perform a search
                          base   => "o=slb,c=AN",
                          filter => "alias=dgraystephens"
                         );

  $mesg->code && die $mesg->error;

  foreach $entry ($mesg->all_entries) { $entry->dump; }

then the code fails to run 
  Can't locate IO/Socket/SSL.pm in @INC (@INC contains: D:/Applications/Perl/lib D:/Applications/Perl/site/lib .) at D:/Applications/Perl/site/lib/Net/LDAPS.pm line 14.
  BEGIN failed--compilation aborted at D:/Applications/Perl/site/lib/Net/LDAPS.pm line 14.
  Compilation failed in require at temp.pl line 6.
  BEGIN failed--compilation aborted at temp.pl line 6.

I can connect to over SSL to a WEB server (i.e. HTTPS).

The IO::Socket::SSL module is not included in the perl-ldap module
that is available via the package manager.  I believe that the module
is (or was)  part of the Bundle::Net::LDAP package 
 http://www.perldoc.com/cpan/Bundle/Net/LDAP.html 
which I cannot locate?

Is IO::Socket::SSL (or the Bundle::Net::LDAP package) available for windows?

Has anyone managed to use perl-ldap (or another LDAP module) to
communicate with an LDAP server over SSL?

Thanks in advance,

Douglas.

-- 

================================
Dr. Douglas GRAY STEPHENS        
SL-IT Security (Directories)
Schlumberger Cambridge Research
High Cross,
Madingley Road,
Cambridge.
CB3 0EL
ENGLAND

Phone +44 1223 325295
Fax   +44 1223 311830
Email DGr...@sl...
================================

----- End forwarded message -----