I establish the following LDAP connection with Net :: LDAP:
my $ldap = Net::LDAP->new( $ldap_host, version => 3 );
my $mesg = $ldap->start_tls(
verify => 'none',
);
$mesg = $ldap->bind( $dn, password => $ldappass );
This will work, and even let me make a request later to verify the user credentials. But if I try to check the server certificate:
my $ldap = Net::LDAP->new( $ldap_host, version => 3 );
my $mesg = $ldap->start_tls(
verify => 'require',
cafile => '/var/certs/Certificate_Bundle.pem'
);
$mesg = $ldap->bind( $dn, password => $ldappass );
It successfully establishes a connection and verifies the server certificate , but when I try the Bind operation, I get the following LDAP message parameters:
'resultCode' => 82,
'pdu' => '0O`J3cn=foo1,ou=foo2,dc=foo3Passwd',
'errorMessage' => 'Bad file descriptor'
I am surprised because the result code 82 is defined as LDAP_LOCAL_ERROR, but the whole bit of the certificate seems to work. If I change the cafile parameter to the wrong value, it will end with the error message "I / O error reset by peer".
Any ideas? Thanks in advance.
: , . LDAP , , . , , openssl :
openssl s_client -connect *server:port* -showcerts -state
, .