Net::SSLGlue::LDAP(3pm) User Contributed Perl Documentation Net::SSLGlue::LDAP(3pm)NAME
Net::SSLGlue::LDAP - proper certificate checking for ldaps in Net::LDAP
SYNOPSIS
use Net::SSLGlue::LDAP;
local %Net::SSLGlue::LDAP = ( SSL_verifycn_name => $hostname_in_cert );
my $ldap = Net::LDAP->new( $hostname, capath => ... );
$ldap->start_tls;
DESCRIPTION
Net::SSLGlue::LDAP modifies Net::LDAP so that it does proper certificate checking using the "ldap" SSL_verify_scheme from IO::Socket::SSL.
Because Net::LDAP does not have a mechanism to forward arbitrary parameters for the construction of the underlying socket these parameters
can be set globally when including the package, or with local settings of the %Net::SSLGlue::LDAP::SSLopts variable.
All of the "SSL_*" parameters from IO::Socket::SSL can be used; the following parameter is especially useful:
SSL_verifycn_name
Usually the name given as the hostname in the constructor is used to verify the identity of the certificate. If you want to check the
certificate against another name you can specify it with this parameter.
"SSL_ca_path", "SSL_ca_file" for IO::Socket::SSL can be set with the "capath" and "cafile" parameters of Net::LDAP::new and
"SSL_verify_mode" can be set with "verify", but the meaning of the values differs ("none" is 0, e.g. disable certificate verification).
SEE ALSO
IO::Socket::SSL, LWP, Net::LDAP
COPYRIGHT
This module is copyright (c) 2008, Steffen Ullrich. All Rights Reserved. This module is free software. It may be used, redistributed
and/or modified under the same terms as Perl itself.
perl v5.14.2 2012-04-06 Net::SSLGlue::LDAP(3pm)
Check Out this Related Man Page
Net::LDAPS(3pm) User Contributed Perl Documentation Net::LDAPS(3pm)NAME
Net::LDAPS - use LDAP over an SSL connection
SYNOPSIS
use Net::LDAPS;
$ldaps = Net::LDAPS->new('myhost.example.com',
port => '10000',
verify => 'require',
capath => '/usr/local/cacerts/');
# alternate way
use Net::LDAP;
$ldaps = Net::LDAP->new('ldaps://myhost.example.com:10000',
verify => 'require',
capath => '/usr/local/cacerts/');
DESCRIPTION
Communicate using the LDAP protocol to a directory server using an encrypted (SSL) network connection. This mechanism is non-standard but
widely supported; consider using LDAPv3 with the standard TLS extension if possible (many servers do not support it yet.) See "start_tls"
in Net::LDAP.
All the normal "Net::LDAP" methods can be used with a "Net::LDAPS" object; see Net::LDAP for details.
CONSTRUCTOR
new ( HOST [, OPTIONS ] )
Create a new connection. HOST is the hostname to contact. OPTIONS is a number of key/value pairs. See "new" in Net::LDAP for details.
SEE ALSO
Net::LDAP, IO::Socket::SSL
BUGS
You cannot have more than one LDAPS connection at any one time, due to restrictions in the underlying Net::SSLeay code.
AUTHOR
Chris Ridd <chris.ridd@isode.com>
COPYRIGHT
Copyright (c) 2000-2004, Chris Ridd and Graham Barr. All rights reserved. This library is free software; you can redistribute it and/or
modify it under the same terms as Perl itself.
perl v5.14.2 2012-01-29 Net::LDAPS(3pm)
Hi all,
I experienced a problem when making a LDAP search from Unix Netscape or Unix Mozilla adressbooks into my Active Directory LDAP db for email addresses.
I add my Domain Controller hostname and the LDAP root dir to search in.
For example:
Name: AD
LDAP server: gullvi
Search Root:... (0 Replies)
Hi,
We run an application called meta which reads user information from database and updates in LDAP.For that we have some scripts to check the uniqueness of mail ids between the existing LDAP and Database.It works fine when people enter mail ids in proper format (xxx.yyy@abc.com) but if it... (2 Replies)
Net::SSH::Perl ...... how to print the output in a proper format
my $cmd = "ls -l";
my $ssh = Net::SSH::Perl->new($host);
$ssh->login($user, $pass);
my($stdout, $stderr, $exit) = $ssh->cmd("$cmd");
print $stdout;
the script works fine, but i am unable to see the output... (2 Replies)
Hi all,
I have set up the AIX LDAP client on AIX 5.3.9 and it's working fine, using the descriptions in the Redbook for implementing LDAP in a heterogenous environment.
I added SSL encryption to the LDAP client demon's config and created a key-db and imported a signed certificate from our CA.
... (4 Replies)
I just configured my ldap server in Alpine, but every search hangs indefinitely (or so it seems) and I have to end up killing Alpine and starting back up. The LDAP server runs over SSL on port 636, so I have specified port 636, but there doesn't seem to be an SSL option available so I turned on... (0 Replies)
We are getting some special scenarios where Net::SMTP is not working for some mails.
we are sending a similar kind of data via mails but some of the mails are not received.
After checking the Net::SMTP in debug mode we found below difference:
Good One - (Mail sent properlly)
---
-----... (0 Replies)
I'm writing scripts to check for compliance with the DISA STIG. Several items refer to manually click-click-clicking to verify settings regarding LDAP or accounts like guest account disabled, "Allow Guests to connect to shared folders", "Display login window as:", "Show input menu in login... (7 Replies)
Need assistance in resolving the below LDAP issue on Solaris 11. I am new to LDAP .
root@hrapps51:/var/svc/manifest# ldaplist -v
+++ database=NULL
+++ filter=objectclass=*
+++ template for merging SSD filter=%s
ldaplist: Object not found (LDAP ERROR (50): Insufficient access.) (1 Reply)