If I made a change in "start_tls" command for option "verify => none"
to one of 'optional' or 'required' then I get next error message
root@install:~/prog# ./ldap_sec.pl
SSL connect attempt failed with unknown error error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed at
./ldap_sec.pl line 25, <DATA> line 751.
root@install:~/prog#
It seems to me that the "verify"-option tells Net::LDAP whether it
should verify that the certificate the server you are connecting to is
using has been signed by a known certificate authority (listed in
/etc/ssl/certs).
start_tls will fail if the server does not provide any certificate, or
if the certificate is not signed by a CA (ref
http://search.cpan.org/~marschap/perl-ldap/lib/Net/LDAP.pod ).
Atle.
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/534ae8d2.1060...@goliathdns.no
