Re: Expired server certificate

2009-09-14 Thread Fredrik Melander
Hey Michael, thanks for remembering! I will it out! Best, Fredrik Michael Ströder wrote: > Fredrik, > > I've learned the hard way now that settings in .ldaprc and ldap.conf have > precedence over what you set in your Python code via ldap.set_option() or > LDAPObject.set_option(). Best thing

Re: Expired server certificate

2009-09-14 Thread Michael Ströder
Fredrik, I've learned the hard way now that settings in .ldaprc and ldap.conf have precedence over what you set in your Python code via ldap.set_option() or LDAPObject.set_option(). Best thing is to use this code-line to completely switch off processing of .ldaprc and ldap.conf in libldap: os.env

Re: Expired server certificate

2009-08-19 Thread Fredrik Melander
> Hmm, there's nothing you can do at the python-ldap level. AFAIK cert > validation is completely done within the OpenSSL libs, except the host name > checking. > > Could you please test with OpenLDAP's command-line tool ldapsearch. This is > important: Please use the tool which uses the very same

Re: Expired server certificate

2009-08-11 Thread Michael Ströder
Fredrik Melander wrote: > I've given my LDAP server an expired cert for testing, but when calling > start_tls_s() the script just proceeds as were nothing wrong. Hmm, there's nothing you can do at the python-ldap level. AFAIK cert validation is completely done within the OpenSSL libs, except the h

Expired server certificate

2009-08-11 Thread Fredrik Melander
Hi Michael and the list, sorry to bother you again, but since I think my last mail drowned in the unusually high traffic that day, I'm posting my question again. I've done some research since then I really can't figure this one out. This relates to my previous question about server certificates.