[python-ldap] Python LDAP TLS error when ldap.OPT_X_TLS_REQUIRE_CERT set to ldap.OPT_X_TLS_NEVER

Michael Ströder michael at stroeder.com
Thu Jun 30 16:04:05 EDT 2016


Daniel Watrous wrote:
> I'm getting a TLS error even after setting ldap.OPT_X_TLS_REQUIRE_CERT
> to ldap.OPT_X_TLS_NEVER

You should always verify the server's cert. Otherwise the connection can be
hijacked with an active MITM attack.

TLS options are set via LDAPObject.set_option() or globally via ldap.set_option().

https://www.python-ldap.org/doc/html/ldap.html#ldap.LDAPObject.set_option

https://www.python-ldap.org/doc/html/ldap.html#ldap.set_option

See Demo/initialize.py in the source tar.gz.

> How can I tell python-ldap to not check certificates? I've posted this
> question to stackoverflow too.

I'm deliberately ignoring stackoverflow...

Ciao, Michael.
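
Added example, not part of the original message and not python-ldap's own code: one way to set TLS options on a single LDAPObject via set_option() so that the server certificate is verified, as the reply above recommends. The URI, the CA bundle path and the helper names are assumptions; OPT_X_TLS_NEWCTX is set last so that a new TLS context is created from the options set before it.

```python
import sys


def apply_verified_tls(conn, ldap_mod, ca_file):
    """Set TLS options on one connection so the server cert is verified.

    conn is an LDAPObject, ldap_mod is the imported `ldap` module (passed
    in so the option order can be checked without a live server), and
    ca_file is the CA bundle used to validate the server (an assumption).
    """
    if not ca_file:
        raise ValueError("a CA bundle path is required to verify the server")
    options = [
        (ldap_mod.OPT_X_TLS_CACERTFILE, ca_file),
        # DEMAND: abort the handshake if the cert is missing or invalid
        (ldap_mod.OPT_X_TLS_REQUIRE_CERT, ldap_mod.OPT_X_TLS_DEMAND),
        # Must be the last TLS option: 0 creates a new TLS context that
        # picks up the per-connection settings above
        (ldap_mod.OPT_X_TLS_NEWCTX, 0),
    ]
    for opt, value in options:
        conn.set_option(opt, value)
    return options


def connect(uri, ca_file):
    """Open a connection with certificate verification enforced."""
    import ldap  # python-ldap; imported here so the helper above stays testable

    conn = ldap.initialize(uri)
    apply_verified_tls(conn, ldap, ca_file)
    if uri.lower().startswith("ldap://"):
        # Plain ldap:// needs StartTLS; ldaps:// negotiates TLS on connect
        conn.start_tls_s()
    return conn


if __name__ == "__main__":
    # Hypothetical invocation: script.py ldap://ldap.example.com /path/to/ca.pem
    connection = connect(sys.argv[1], sys.argv[2])
    print(connection.whoami_s())
```
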
