I am trying to connect to the OpenLDAP server (ldap.openldap.org) over SSL. When using the Softerra LDAP browser this works fine (I had to get the cert7.db and key3.db certificates first). When I tried to connect using my program (on Windows), the program exited when trying to do an ldap_simple_bind_s.

    /* Initialize the SSL client with the certificate database directory. */
    if ( ldapssl_client_init( "c:\\certs", NULL ) < 0) {
        printf( "Failed to initialize SSL client...\n" );
        return( 1 );
    }

    /* Create an SSL-enabled session handle; the final argument (1) requests a secure connection. */
    if ( (ld = ldapssl_init(HOSTNAME, LDAPS_PORT, 1 )) == NULL ) {
        printf( "ldap_init\n" );
        return( 1 );
    }

    /* Use LDAPv3. */
    version = LDAP_VERSION3;
    rc = ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, &version );
    if ( rc != LDAP_SUCCESS ) {
        printf("Cannot set option: %s\n", ldap_err2string(rc));
        return( 1 );
    }

    /* Bind to the LDAP server. */
    rc = ldap_bind_s( ld, NULL, NULL, LDAP_AUTH_SIMPLE);  /* ---> The program exits here. */
    if ( rc != LDAP_SUCCESS ) {
        fprintf(stderr, "ldap_simple_bind_s: %s\n", ldap_err2string(rc));
        return( 1 );
    }

I am using the Netscape LDAP SDK (which is the same set of DLLs that the Softerra browser seems to use), so I am wondering if I am not doing any of the steps correctly. I tried looking at the packets in Ethereal and it seems that there is an "Encrypted Alert" generated, after which the program fails.

I am totally stumped on this! Any help will be greatly appreciated.

Thanks very much,
Kapil

    30 7.426430 10.10.20.115 204.152.186.57 TCP 2527 > ldaps [SYN] Seq=1954261503 Ack=0 Win=65535 Len=0 MSS=1460
    31 7.441961 204.152.186.57 10.10.20.115 TCP ldaps > 2527 [SYN, ACK] Seq=2263670135 Ack=1954261504 Win=57344 Len=0 MSS=1408
    32 7.442002 10.10.20.115 204.152.186.57 TCP 2527 > ldaps [ACK] Seq=1954261504 Ack=2263670136 Win=65535 Len=0
    33 7.445766 10.10.20.115 204.152.186.57 SSLv2 Client Hello
    34 7.466050 204.152.186.57 10.10.20.115 TLS Server Hello, Certificate, Server Hello Done
    35 7.469329 10.10.20.115 204.152.186.57 TLS Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message
    36 7.505536 204.152.186.57 10.10.20.115 TLS Change Cipher Spec, Encrypted Handshake Message
    37 7.505874 10.10.20.115 204.152.186.57 TLS Application Data
    38 7.521055 204.152.186.57 10.10.20.115 TLS Application Data
    39 7.525068 10.10.20.115 204.152.186.57 TLS Application Data
    40 7.542005 204.152.186.57 10.10.20.115 TLS Application Data
    41 7.543128 204.152.186.57 10.10.20.115 TLS Application Data
    42 7.543168 10.10.20.115 204.152.186.57 TCP 2527 > ldaps [ACK] Seq=1954261864 Ack=2263672068 Win=65535 Len=0
    43 7.543468 204.152.186.57 10.10.20.115 TLS Application Data
    44 7.544055 204.152.186.57 10.10.20.115 TLS Application Data
    45 7.544071 10.10.20.115 204.152.186.57 TCP 2527 > ldaps [ACK] Seq=1954261864 Ack=2263672563 Win=65040 Len=0
    46 7.544657 204.152.186.57 10.10.20.115 TLS Application Data
    47 7.545272 204.152.186.57 10.10.20.115 TLS Application Data
    48 7.545294 10.10.20.115 204.152.186.57 TCP 2527 > ldaps [ACK] Seq=1954261864 Ack=2263673227 Win=64376 Len=0
    49 7.546017 204.152.186.57 10.10.20.115 TLS Application Data
    50 7.546099 204.152.186.57 10.10.20.115 TLS Application Data
    51 7.546117 10.10.20.115 204.152.186.57 TCP 2527 > ldaps [ACK] Seq=1954261864 Ack=2263673567 Win=65535 Len=0
    52 7.604079 10.10.20.115 204.152.186.57 TLS Application Data
    53 7.604196 10.10.20.115 204.152.186.57 TLS Encrypted Alert
    54 7.620859 204.152.186.57 10.10.20.115 TLS Encrypted Alert
    55 7.620936 10.10.20.115 204.152.186.57 TCP 2527 > ldaps [RST, ACK] Seq=1954261916 Ack=2263673590 Win=0 Len=0
    56 7.620980 204.152.186.57 10.10.20.115 TCP ldaps > 2527 [FIN, ACK] Seq=2263673590 Ack=1954261892 Win=57728 Len=0
    57 7.620994 10.10.20.115 204.152.186.57 TCP 2527 > ldaps [RST] Seq=1954261892 Ack=1954261892 Win=0 Len=0
    58 7.621512 204.152.186.57 10.10.20.115 TCP ldaps > 2527 [RST] Seq=2263673567 Ack=0 Win=0 Len=0

_______________________________________________
mozilla-directory mailing list
mozilla-directory@mozilla.org
http://mail.mozilla.org/listinfo/mozilla-directory