
How to disable certificate validation for LDAP authentication on Windows?

I am writing a sample client (coded in C/C++) for authenticating a user via LDAP. The client is developed for both Windows and Linux.

For Linux, I am using the OpenLDAP library compiled with --with-tls (OpenSSL). For authenticating a user via an encrypted channel, I am skipping the server-client certificate validation. To do so, I am setting the LDAP option to:

option = LDAP_OPT_X_TLS_NEVER;
returnCode = ldap_set_option(vLdapConnection, LDAP_OPT_X_TLS_REQUIRE_CERT, &option);

if(returnCode != LDAP_OPT_SUCCESS){
    return FALSE;
}

This will skip the certification validation and will always allow the client to authenticate.

However, on Windows I am using wldap.dll for the application. I am not able to figure out how to disable the server-client certificate validation for LDAP over an encrypted connection.

When I run through:

returnCode = ldap_set_option(vLdapConnection, LDAP_OPT_SSL, LDAP_OPT_ON);

the returnCode is always set to LDAP_SERVER_DOWN = 0x51

How to disable client certificate validation for LDAP with Wldap32.dll on Windows?

Look at Session Options, specifically LDAP_OPT_SERVER_CERTIFICATE. It lets you specify a callback function to validate the server certificate.
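A callback of the kind the answer refers to, written so that it pins the server certificate instead of accepting every certificate; this is an added example, not code from the original question or answer. The pin bytes are constructed placeholders and the function names (`thumbprint_matches`, `verify_server_cert`, `install_pin_check`) are hypothetical; the digest comparison is kept portable so the same check can be shared with the Linux build, while the Wldap32 glue compiles only on Windows (link with wldap32.lib and crypt32.lib).

```c
#include <stddef.h>
#include <string.h>

#define PIN_LEN 32 /* SHA-256 digest size in bytes */

/* Constructed placeholder pin: replace with the SHA-256 of the
 * DER-encoded certificate your LDAP server actually presents. */
static const unsigned char PINNED_SHA256[PIN_LEN] = {
    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
    0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
    0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
    0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
};

/* Portable part: constant-time comparison of a digest with the pin. */
int thumbprint_matches(const unsigned char *digest, size_t len)
{
    unsigned char diff = 0;
    if (digest == NULL || len != PIN_LEN)
        return 0;
    for (size_t i = 0; i < PIN_LEN; i++)
        diff |= (unsigned char)(digest[i] ^ PINNED_SHA256[i]);
    return diff == 0;
}

#ifdef _WIN32
#include <windows.h>
#include <winldap.h>
#include <wincrypt.h>

/* VERIFYSERVERCERT callback: returning FALSE makes Wldap32 reject the
 * TLS session, so only the pinned certificate is accepted. */
BOOLEAN _cdecl verify_server_cert(PLDAP conn, PCCERT_CONTEXT *ppCert)
{
    BYTE digest[PIN_LEN];
    DWORD cb = sizeof digest;
    BOOLEAN ok = FALSE;
    (void)conn;
    if (ppCert != NULL && *ppCert != NULL) {
        if (CryptHashCertificate2(L"SHA256", 0, NULL, (*ppCert)->pbCertEncoded,
                                  (*ppCert)->cbCertEncoded, digest, &cb))
            ok = (BOOLEAN)thumbprint_matches(digest, cb);
        CertFreeCertificateContext(*ppCert); /* per the callback's documentation */
    }
    return ok;
}

/* Register the callback on the session handle before connecting. */
ULONG install_pin_check(LDAP *ld)
{
    return ldap_set_option(ld, LDAP_OPT_SERVER_CERTIFICATE, (void *)&verify_server_cert);
}
#endif
```

A callback that returns TRUE unconditionally reproduces the LDAP_OPT_X_TLS_NEVER behaviour from the question and leaves the bind credentials exposed to anyone who can intercept the connection.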
