-
-
Notifications
You must be signed in to change notification settings - Fork 6.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
LDAPS does not work with private TLS CA; HTTPS works #11372
Comments
So how did all the involved components change in the mean time? libcurl version, TLS library version, OpenLDAP version and CA store? |
The OpenLDAP related code in curl does not seem to make any effort to set the provided paths for this. 😢 I can't even figure out how to use the OpenLDAP API to point out a custom CA store. I can only find documentation mentioning setting a different path in @hyc: any ideas/proposal of where to look? |
Thanks. Here is what I think has changed. Pulling this data out of the package manager log is finicky, so I cannot guarantee that I did not make a mistake. 🫤
|
I believe #11374 fixes it. |
Ah, great to hear! I cannot realistically build curl from source, but I can test it once it hits |
Sounds like you've already fixed this, but to answer your question, you want to read the ldap_set_option(3) manpage. |
... as otherwise the configure script will say it is OpenLDAP in the summary, but not set the USE_OPENLDAP define, therefor not using the intended OpenLDAP code paths. Regression since 4d73854 (7.85.0) Fixes curl#11372 Closes curl#11374 Reported-by: vlkl-sap on github
... as otherwise the configure script will say it is OpenLDAP in the summary, but not set the USE_OPENLDAP define, therefor not using the intended OpenLDAP code paths. Regression since 4d73854 (7.85.0) Fixes curl#11372 Closes curl#11374 Reported-by: vlkl-sap on github
Hello,
I suddenly have trouble with LDAPS requests to a server that uses a private TLS CA. The LDAPS requests used to work ~18 months ago,
HTTPS requests to servers that use the same TLS CA work.
Thanks!
I did this
Original LDAPS request (failing)
Demo HTTPS request (TLS succeeding, but server does not speak HTTPS)
Demo HTTPS request without trusted CA cert (TLS failing as expected)
curl/libcurl version
operating system
The text was updated successfully, but these errors were encountered: