Menu
▾
▴
Re: Certificate checking on LDAP over SSL connection
|
From: Michael S. <mi...@st...> - 2008-12-09 12:05:39
|
Alberto Lopes wrote: > > From what I understood from the LDAPUserFolder code, it delegates the > SSL negotiation to the python-ldap library. And further down the delegation path: python-ldap -> OpenLDAP lib -> OpenSSL lib > How can I pass the > CAcertificate to the python-ldap layer in order to have it accepting the > server certificate? See Demo/initialize.py in python-ldap's source distribution. ldap.set_option(ldap.OPT_X_TLS_CACERTFILE,'/etc/httpd/ssl.crt/myCA-cacerts.pem') or ldap.set_option(ldap.OPT_X_TLS_CACERTDIR,'/etc/httpd/ssl.crt') In older versions of the OpenLDAP libs you can only set these options globally. Not sure about 2.4.8. I have no clue whether LDAPUserFolder makes it possible to set these options though. Ciao, Michael. |
