winldap cannot connect to OpenLDAP over SSL

Time: 2014-04-29 07:57:44

Tags: c++ windows ssl openssl ldap

I can query the server's data with this command

ldapsearch -H ldaps://CS-GAMEBOY-PC -x -b dc=micmiu,dc=com -D cn=Manager,dc=micmiu,dc=com -w secret

But I cannot query the data with the winldap sample code (I removed most of the error handling and resource cleanup to simplify the code)

#include <iostream>

#include <windows.h>
#include <winldap.h>
#include <winber.h>

int main()
{                                
    char LdapServer[] = "CS-GAMEBOY-PC";  // writable buffer: a string literal cannot initialize a non-const char* in standard C++
    LDAP *ldap = ldap_sslinitA(LdapServer, LDAP_SSL_PORT, 1);    

    unsigned long version = LDAP_VERSION3;
    ldap_set_option(ldap,
                    LDAP_OPT_PROTOCOL_VERSION,
                    (void*)&version);              

    //  If SSL is not enabled, enable it.
    ldap_set_option(ldap, LDAP_OPT_SSL, LDAP_OPT_ON);        

    // Connect to the server.
    unsigned long connectSuccess = ldap_connect(ldap, NULL);
    if(connectSuccess == LDAP_SUCCESS){
        std::cout<<"ldap_connect succeeded \n";
    }else{
        std::cout<<"ldap_connect failed with "<<ldap_err2string(connectSuccess)<<std::endl;
        std::cout<<"error codes = 0x"<<std::hex<<connectSuccess<<std::endl;
        return -1;
    }            
}

ldap_connect fails and gives me the error code "0x51"

The server side reports the error as

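........
tls_read: want=5 error=Unknown error
TLS trace: SSL_accept:error in SSLv3 read client certificate A
TLS trace: SSL_accept:error in SSLv3 read client certificate A
........
tls_read: want=5 error=Unknown error
TLS trace: SSL_accept:error in SSLv3 read client certificate A
TLS: can't accept: (unknown).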

How can I solve this problem?

1 Answer:

Answer 0: (score: 1)

 //
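    // Signature required by winldap's VERIFYSERVERCERT callback type.
    static BOOLEAN _cdecl VerifyCert(PLDAP ld, PCCERT_CONTEXT *pServerCert)
    {
       // Accepts any server certificate without checking it.
       return TRUE;
    }
 //

..
//  Set the version to 3.0 (default is 2.0), and then ->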

    ldap_set_option(pLdapConnection, LDAP_OPT_SERVER_CERTIFICATE, &VerifyCert);

// Now you can Bind.
..