Ldap over SSL
Michael Ströder
michael at stroeder.com
Fri Apr 26 11:58:20 CEST 2002
Sylvain Pereira wrote:
>>>I am developping a python cgi application to administrate an ldap
>>
>>server for
>>
>>>a customer.
>>
>>What's the LDAP server product and OS?
>
> Well it's iPlanet Directory Server 5.1 on SunOS 8, and I already checked
> the SSL connection with a Java program (I am new to python).
> The python cgi runs on an Irix 6.5
If it's running on a Unix platform iDS 5.1 should also support StartTLS
extended operation (not available with Win32 version) which is the standard
track (see RFC2830).
>>>>import ldap
>>>>print ldap.__version__
>>>
> 2.0.0pre04
>
>>>>ldap.set_option
>>>
> (ldap.OPT_X_TLS_CACERTFILE,'/usr/freeware/apache/conf/cert7.db')
That's a Netscape certificate DB for Netscape's NSS lib. Something
completely different.
OpenLDAP2 uses OpenSSL as SSL lib. Therefore just use a "PEM file"
containing the certificate. The same for the cert/key when using client
certs for authentication.
Ciao, Michael.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2922 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.python.org/pipermail/python-ldap/attachments/20020426/e02a9ec8/attachment.bin>
More information about the python-ldap
mailing list