Hanging during ldaps
Mauro Cicognini
mcicogni at libero.it
Mon Jan 5 22:31:19 CET 2004
Goucher, Adam wrote:
>I have found that "" and an actual basename are two different items with
>pretty much all directory servers I have used. Searching against "" will
>return information about the server in general (such as the vendor and
>version) whereas searching against a proper basename gives you site
>specific information
>
>
Aha. I'll try that.
>Yes, I can login with different client to the ssl port. Is there a TLS
>FAQ kicking around somewhere? I keep seeing it used interchangeably with
>SSL but don't know anything about it.
>
TLS and SSL are in fact different beasts, TLS being a superset of SSL
but different enough to warrant a name change. Certificates should work
interchangeably, since most of the differences should be in how the
peers negotiate crypto algorithms for the asymmetric and symmetric
parts. However, it's tricky stuff and I wouldn't be surprised that
communication is stalling because client & server can't find a common
algorithm or a cert isn't "right" or something.
I'm at a loss here, but I know there are some TLS/SSL tools that will
allow you to kinda "debug" what's going on (I definitely saw a reference
to one on the Netscape site).
You could also try firing up a Linux box, install Python and Python-LDAP
and see what happens (the Linux build is much more solid and widely tested).
Mauro
More information about the python-ldap
mailing list