Bin Lu wrote:
> Hi,
> Does openldap provide APIs to do server certificate validation? Can I retrieve
> the server cert from LDAP connection and do the validation myself or by
> passing the trusted CA list openldap will do it (in this case, how the
> hostname matching with the subject DN is performed)?

OpenLDAP libldap does server certificate validation according to RFC2830 and
4513. It would be a mistake to duplicate that functionality and do the
validation yourself.

> Thanks a lot in advance,
> -blu
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
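
Added example, not part of the original message and not libldap's code: a sketch of the server-name comparison that RFC 4513 section 3.1.3 describes, to show what the check covers for DNS names (iPAddress matching is left out). The function names and sample names are made up for illustration; in an application the check stays inside libldap.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Compare one subjectAltName dNSName with the server name the client used.
 * Case-insensitive; "*" counts only as the whole left-most label and
 * stands for exactly one label (RFC 4513 section 3.1.3). */
static bool dnsname_matches(const char *presented, const char *server)
{
    if (presented[0] == '*' && presented[1] == '.') {
        const char *rest = strchr(server, '.');  /* skip left-most label */
        if (rest == NULL || rest == server)
            return false;                        /* no label to stand in for */
        return strcasecmp(presented + 1, rest) == 0;
    }
    if (strchr(presented, '*') != NULL)
        return false;                            /* wildcard anywhere else */
    return strcasecmp(presented, server) == 0;
}

/* san: dNSName values from the certificate (n_san may be 0).
 * cn:  leaf CN of the subject DN, or NULL. It is consulted only when the
 *      certificate carries no dNSName, and never as a wildcard. */
bool cert_matches_server(const char *const *san, size_t n_san,
                         const char *cn, const char *server)
{
    if (n_san > 0) {
        for (size_t i = 0; i < n_san; i++)
            if (dnsname_matches(san[i], server))
                return true;
        return false;          /* dNSName present: the CN is not a fallback */
    }
    return cn != NULL && strcasecmp(cn, server) == 0;
}

int main(void)
{
    /* Constructed sample values, not taken from any real certificate. */
    const char *san[] = { "ldap.example.com", "*.dir.example.com" };
    const char *hosts[] = { "LDAP.example.com", "a.dir.example.com",
                            "a.b.dir.example.com", "dir.example.com" };
    for (size_t i = 0; i < 4; i++)
        printf("%-22s %s\n", hosts[i],
               cert_matches_server(san, 2, NULL, hosts[i]) ? "match" : "reject");
    return 0;
}
```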