ldap_app_ssl_start_np()--Start a Secure LDAP Connection using DCM


  Syntax
 #include <ldap.h>
 #include <ldapssl.h>
 
 int ldap_app_ssl_start_np(LDAP *ld,
                    char *dcm_identifier)

  Library Name/Service Program: QSYS/QGLDCLNT

  Default Public Authority: *USE

  Threadsafe: Yes

This is a deprecated API.

The ldap_app_ssl_start_np() function is used to start a secure connection (using Secure Sockets Layer (SSL)) to an LDAP server using the Digital Certificate Manager (DCM) to control the digital certificate.

ldap_app_ssl_start_np() must be called after ldap_open() and prior to ldap_bind(). Once the secure connection is established for the ld, all subsequent LDAP messages that flow over the secure connection are encrypted, including the ldap_bind() parameters, until ldap_unbind() is called.


Authorities and Locks

*R authority is needed to the selected Certificate Store and *X to the associated directories.


Parameters

ld
(Input) The LDAP pointer returned by a previous call to ldap_init(), ldap_ssl_init(), or ldap_open().

dcm_identifier
(Input) An identifier string that corresponds to a secure application registered with DCM. The use of NULL assumes that in a prior use of this API a valid DCM identifier for an application has been used and that it is to be used again for this connection. This allows multiple connections without going through the initialization of SSL with a DCM identifier more than once.

Return Value

LDAP_SUCCESS
if the request was successful.

another LDAP error code
if the request was not successful.

Error Conditions

ldap_app_ssl_start_np() will return an LDAP error code if not successful. See LDAP Client API Error Conditions for possible LDAP error code values. Depending on the error code, errno information also may be available.


Error Messages

The following message may be sent from this function.

Message ID    Error Message Text
CPF3CF2 E     Error(s) occurred during running of ldap_app_ssl_start_np API.


Example

Note: By using the code examples, you agree to the terms of the Code license and disclaimer information.

The following scenario depicts the recommended calling sequence where the entire set of LDAP transactions is "protected" by using a secure SSL connection, including the dn and password that flow on the ldap_simple_bind():

 ld = ldap_open (ldaphost, ldapport );
 rc = ldap_app_ssl_start_np(ld, dcm_identifier );
 rc = ldap_simple_bind_s(ld, binddn, passwd);

 /* ...additional LDAP API calls */

 rc = ldap_unbind( ld );

The following scenario depicts the calling sequence for multiple connections using one DCM identifier:

 ld = ldap_open (ldaphost, ldapport );
 rc = ldap_app_ssl_start_np(ld, dcm_identifier );
 rc = ldap_simple_bind_s(ld, binddn, passwd);

 /* For multiple secure connections using the same dcm_identifier. */

 ld1 = ldap_open (ldaphost, ldapport );
 rc = ldap_app_ssl_start_np(ld1, NULL );
 rc = ldap_simple_bind_s(ld1, binddn, passwd);

 ld2 = ldap_open (ldaphost, ldapport );
 rc = ldap_app_ssl_start_np(ld2, NULL );
 rc = ldap_simple_bind_s(ld2, binddn, passwd);

 /* ...additional LDAP API calls */

 rc = ldap_unbind( ld );
 rc = ldap_unbind( ld1 );
 rc = ldap_unbind( ld2 );
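
The sequences above do not test rc between calls. The following added example (not IBM's code) binds only after the secure start returns LDAP_SUCCESS, so the dn and password are sent only over an established secure connection, and it refuses a NULL dcm_identifier until a start with a real identifier has succeeded. The ldap_ops table, secure_ctx, secure_connect(), the SC_ERR_* codes and the stubs are hypothetical; on the target system each table entry would be a thin adapter around the real call named in its comment.

```c
#include <stddef.h>
/* LDAP_SUCCESS is 0 in the LDAP C API; the SC_ERR_* codes are hypothetical local errors. */
enum { LDAP_SUCCESS = 0, SC_ERR_OPEN = -1, SC_ERR_NO_INIT = -2 };

/* Hypothetical adapter table; each member wraps the real call named beside it. */
struct ldap_ops {
    void *(*open)(const char *host, int port);              /* ldap_open() */
    int (*ssl_start)(void *ld, const char *dcm_id);         /* ldap_app_ssl_start_np() */
    int (*bind)(void *ld, const char *dn, const char *pw);  /* ldap_simple_bind_s() */
    int (*unbind)(void *ld);                                /* ldap_unbind() */
};
struct secure_ctx { const struct ldap_ops *ops; int dcm_initialized; };
/* Open, start SSL, bind. The bind is reached only after the secure start succeeded. */
int secure_connect(struct secure_ctx *ctx, const char *host, int port,
                   const char *dcm_id, const char *dn, const char *pw, void **out)
{
    void *ld;
    int rc;
    *out = NULL;
    if (dcm_id == NULL && !ctx->dcm_initialized)
        return SC_ERR_NO_INIT;        /* NULL is valid only after a prior successful start */
    if ((ld = ctx->ops->open(host, port)) == NULL)
        return SC_ERR_OPEN;
    rc = ctx->ops->ssl_start(ld, dcm_id);
    if (rc == LDAP_SUCCESS) {
        if (dcm_id != NULL) ctx->dcm_initialized = 1;
        rc = ctx->ops->bind(ld, dn, pw);   /* dn and password now flow over SSL */
    }
    if (rc != LDAP_SUCCESS) {
        ctx->ops->unbind(ld);         /* release the handle; nothing further is sent */
        return rc;
    }
    *out = ld;
    return LDAP_SUCCESS;
}

/* Constructed stubs so the sequence can be exercised off-platform. */
static int stub_ssl_rc, bind_calls, unbind_calls;
static void *stub_open(const char *h, int p) { (void)h; (void)p; return &stub_ssl_rc; }
static int stub_ssl(void *ld, const char *id) { (void)ld; (void)id; return stub_ssl_rc; }
static int stub_bind(void *ld, const char *dn, const char *pw) { (void)ld; (void)dn; (void)pw; return ++bind_calls, 0; }
static int stub_unbind(void *ld) { (void)ld; return ++unbind_calls, 0; }
static const struct ldap_ops stub_ops = { stub_open, stub_ssl, stub_bind, stub_unbind };
int main(void) {   /* constructed run: the secure start fails, so no bind is attempted */
    struct secure_ctx ctx = { &stub_ops, 0 };
    void *ld;
    stub_ssl_rc = 1;
    secure_connect(&ctx, "ldap.example.com", 636, "EXAMPLE_APP_ID", "cn=user", "secret", &ld);
    return bind_calls;
}
```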

API introduced: V4R4
