[python-ldap] Python LDAP TLS error when ldap.OPT_X_TLS_REQUIRE_CERT set to ldap.OPT_X_TLS_NEVER
Michael Ströder
michael at stroeder.com
Thu Jun 30 16:04:05 EDT 2016
Daniel Watrous wrote:
> I'm getting a TLS error even after setting ldap.OPT_X_TLS_REQUIRE_CERT set
> to ldap.OPT_X_TLS_NEVER
You should always verify the server's cert. Otherwise the connection can be
hijacked with an active MITM attack.
TLS options are set via LDAPObject.set_option() or globally via ldap..set_option().
https://www.python-ldap.org/doc/html/ldap.html#ldap.LDAPObject.set_option
https://www.python-ldap.org/doc/html/ldap.html#ldap.set_option
See Demo/initialize.py in the source tar.gz.
> How can I tell python-ldap to not check certificates? I've posted this
> question to stackoverflow too.
I'm deliberately ignoring stackoverflow...
Ciao, Michael.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.python.org/pipermail/python-ldap/attachments/20160630/3996494e/attachment.bin>
More information about the python-ldap
mailing list