#include <ldap.h> #include <ldapssl.h> int ldap_app_ssl_start_np(LDAP *ld, char *dcm_identifier)
This is a deprecated API.
The ldap_app_ssl_start_np() function is used to start a secure connection (using Secure Sockets Layer (SSL)) to an LDAP server using the Digital Certificate Manager (DCM) to control the digital certificate.
ldap_app_ssl_start_np() must be called after ldap_open() and prior to ldap_bind(). Once the secure connection is established for the ld, all subsequent LDAP messages that flow over the secure connection are encrypted, including the ldap_bind() parameters, until ldap_unbind() is called.
*R authority is needed to the selected Certificate Store and *X to the associated directories.
ldap_app_ssl_start_np() will return an LDAP error code if not successful. See LDAP Client API Error Conditions for possible LDAP error code values. Depending on the error code, errno information also may be available.
The following message may be sent from this function.
Message ID | Error Message Text |
---|---|
CPF3CF2 E | Error(s) occurred during running of ldap_app_ssl_start_np API. |
Note: By using the code examples, you agree to the terms of the Code license and disclaimer information.
The following scenario depicts the recommended calling sequence where the entire set of LDAP transactions are "protected" by using a secure SSL connection, including the dn and password that flow on the ldap_simple_bind():
ld = ldap_open (ldaphost, ldapport ); rc = ldap_app_ssl_start_np(ld, dcm_identifier ); rc = ldap_simple_bind_s(ld, binddn, passwd); ...additional LDAP API calls rc = ldap_unbind( ld );
The following scenario depicts the calling sequence for multiple connections using one DCM identifier:
ld = ldap_open (ldaphost, ldapport ); rc = ldap_app_ssl_start_np(ld, dcm_identifier ); rc = ldap_simple_bind_s(ld, binddn, passwd); /* For multiple secure connections using the same dcm_identifier. */ ld1 = ldap_open (ldaphost, ldapport ); rc = ldap_app_ssl_start_np(ld1, NULL ); rc = ldap_simple_bind_s(ld1, binddn, passwd); ld2 = ldap_open (ldaphost, ldapport ); rc = ldap_app_ssl_start_np(ld2, NULL ); rc = ldap_simple_bind_s(ld2, binddn, passwd); ...additional LDAP API calls rc = ldap_unbind( ld ); rc = ldap_unbind( ld1 ); rc = ldap_unbind( ld2 );
[ Back to top | LDAP APIs | APIs by category ]