Hi Michael, On Monday, 28. May 2012, Michael Ströder wrote: > Peter Marschall wrote: > > On Monday, 28. May 2012, Philip Guenther wrote: > >> On Mon, 28 May 2012, Michael Ströder wrote: > >>> Peter Marschall wrote: > >>>> how do the openldap tools technically verfify certificates with > >>>> ldapi:// ? > >>> > >>> Which certs do you want to verify? > >> > >> I assume the answer is "the one the server returns when you do StartTLS > >> on the ldapi:// connection". > > > > Correct. > > So if the quite liberal RFC 6125 does not provide any inspiration this > boils down to being undefined. StartTLS over LDAPI is an unusal scenario > anyway.
Thanks for your reply. It helps a bit ("looking at the issue from the standard angle"), but my question was how the openldap tools do it. Best Peter -- Peter Marschall pe...@adpm.de