Certificate Confusion:hostname does not match CN

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Hi,

I am working on a RH 9 Linux system.  Below is the code I'm using:

l = ldap.initialize('ldaps://x.x.x:636')
l.protocol_version=ldap.VERSION3
l.simple_bind_s("username", "password")
l.unbind_s()

I got the following error:  "SSL3_GET_SERVER_CERTIFICATE: certificate verify 
failed".  So I asked the people that control the LDAP server for a key.  
They sent me the Netscape certificate: cert7.db & key3.db.  If I put those 
two files in my home directory and add this line to my code:   
ldap.set_option(ldap.OPT_X_TLS_CACERTDIR, "/home/jack")  I get an error:  
"TLS: hostname does not match CN in peer certificate".  Does anyone know 
what that error means?  Can I use the cert7.db or does it have to be 
converted to a PEM file?  I get the same error if I use the following line 
in my code: ldap.set_option(ldap.OPT_X_TLS_CACERTFILE, 
"/usr/share/ssl/cert.pem")  What is this cert.pem file that automatically 
gets installed?  Is it just an example or did RH convert the cert7.db?

Thanks!

_________________________________________________________________
Check out the coupons and bargains on MSN Offers! http://youroffers.msn.com