Menu
▾
▴
Re: Hanging during ldaps
|
From: Mauro C. <mci...@li...> - 2004-01-05 21:31:31
|
Goucher, Adam wrote: >I have found that "" and an actual basename are two different items with >pretty much all directory servers I have used. Searching against "" will >return information about the server in general (such as the vendor and >version) whereas searching against a proper basename gives you site >specific information > > Aha. I'll try that. >Yes, I can login with different client to the ssl port. Is there a TLS >FAQ kicking around somewhere? I keep seeing it used interchangeably with >SSL but don't know anything about it. > TLS and SSL are in fact different beasts, TLS being a superset of SSL but different enough to warrant a name change. Certificates should work interchangeably, since most of the differences should be in how the peers negotiate crypto algorithms for the asymmetric and symmetric parts. However, it's tricky stuff and I wouldn't be surprised that communication is stalling because client & server can't find a common algorithm or a cert isn't "right" or something. I'm at a loss here, but I know there are some TLS/SSL tools that will allow you to kinda "debug" what's going on (I definitely saw a reference to one on the Netscape site). You could also try firing up a Linux box, install Python and Python-LDAP and see what happens (the Linux build is much more solid and widely tested). Mauro |
