python-ldap and SSL?
Michael Ströder
michael at stroeder.com
Thu May 15 08:44:40 CEST 2003
David Casti wrote:
>
> import ldap
> l = ldap.initialize( 'ldaps://target:636' )
> [..]
> ldap.SERVER_DOWN: {'info': 'error:14090086:SSL
> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed', 'desc':
> "Can't contact LDAP server"}
The message is pretty clear. The server's certificate cannot be verified.
> ldap.set_option( ldap.OPT_X_TLS_CACERTFILE, '/path/ca.crt' )
This is the right thing to do.
Can you please try something like
openssl s_client -connect target:636 -CAfile /path/ca.crt
and carefully examime its output?
Ciao, Michael.
More information about the python-ldap
mailing list