I am trying to connect to LDAP using python-ldap and SSL (Gentoo Linux). The certificate is server-side. The server does not require a certificate from the client. I can get the certificates using
openssl s_client -showcerts -connect ip:port
It displays a lot of information, including the Enterprise CA, the ROOT CA and code: 20 - unable to get local issuer certificate. How do I use this to connect? Must I add this to the SSL trusted keys? Or maybe add it to the LDAP options when connecting?
Thanks for the tips.
I had the same problem, but solved it with these instructions
Basically the magic is to create a directory, put the CA certificate in that directory and run s_client with the parameter -CApath <directoryname>
On python-ldap you do the same by doing
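
An added example, not part of the original answer: one way to point python-ldap at a CA directory and require verification. OpenSSL finds CAs in a `-CApath` directory by subject-hash file name (`<hash>.0`, as created by `openssl rehash`), so the sketch checks for those names first; the function names and the sample hash `1a2b3c4d` are assumptions made for illustration.

```python
import os
import re
import tempfile

# OpenSSL looks up CAs in a -CApath / CACERTDIR directory by file name:
# <8 hex digit subject hash>.<n>, as created by `openssl rehash <dir>`.
HASHED_NAME = re.compile(r"^[0-9a-f]{8}\.\d+$")


def hashed_ca_entries(ca_dir):
    """Return the sorted file names in ca_dir that OpenSSL can find by subject hash."""
    return sorted(n for n in os.listdir(ca_dir) if HASHED_NAME.match(n))


def connect_ldaps(uri, ca_dir):
    """Open an LDAP connection that verifies the server against the CAs in ca_dir."""
    import ldap  # python-ldap; imported here so the directory check runs without it

    if not hashed_ca_entries(ca_dir):
        raise ValueError(f"{ca_dir} has no hash-named CA files; run 'openssl rehash' on it")
    conn = ldap.initialize(uri)
    conn.set_option(ldap.OPT_X_TLS_CACERTDIR, ca_dir)
    # Refuse the connection if the server's chain does not verify.
    conn.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_DEMAND)
    # Must be set last: builds a new TLS context from the options above.
    conn.set_option(ldap.OPT_X_TLS_NEWCTX, 0)
    return conn


def demo():
    """Constructed directories: first only ca.pem, then with a hash-named entry."""
    with tempfile.TemporaryDirectory() as d:
        open(os.path.join(d, "ca.pem"), "w").close()
        before = hashed_ca_entries(d)
        # Constructed hash value, standing in for what `openssl rehash` would create.
        open(os.path.join(d, "1a2b3c4d.0"), "w").close()
        after = hashed_ca_entries(d)
    return before, after


if __name__ == "__main__":
    print(demo())
```

The connection is only opened on the first operation, for example a bind, so a verification failure surfaces there rather than in `connect_ldaps`.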