<div dir="ltr">Michael,<div><br></div><div>Since you're avoiding stackoverflow, you didn't see that I already did exactly what you suggest, but it's not working, hence my question. I figured I must be missing something. </div><div><br></div><div>Copying over from stackoverflow for this list</div><div><br></div><div><p style="margin:0px 0px 1em;padding:0px;border:0px;font-size:15px;clear:both;color:rgb(36,39,41);font-family:Arial,"Helvetica Neue",Helvetica,sans-serif;line-height:19.5px">When using python-ldap I am setting ldap.OPT_X_TLS_REQUIRE_CERT set to ldap.OPT_X_TLS_NEVER, but I still get a TLS error. I've tried ldap.set_option and the version you see below. Both produce the same error.</p><pre class="" style="margin-top:0px;margin-bottom:1em;padding:5px;border:0px;font-size:13px;width:auto;max-height:600px;overflow:auto;font-family:Consolas,Menlo,Monaco,"Lucida Console","Liberation Mono","DejaVu Sans Mono","Bitstream Vera Sans Mono","Courier New",monospace,sans-serif;color:rgb(57,51,24);word-wrap:normal;background-color:rgb(239,240,241)"><code style="margin:0px;padding:0px;border:0px;font-family:Consolas,Menlo,Monaco,"Lucida Console","Liberation Mono","DejaVu Sans Mono","Bitstream Vera Sans Mono","Courier New",monospace,sans-serif;white-space:inherit"><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(16,16,148)">class</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> adldap_connection</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">:</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">
    </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(16,16,148)">def</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> __init__</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">(</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">self</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">,</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> configuration</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">,</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> secure</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">):</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">
        self</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">configuration </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">=</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> configuration
        self</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">secure </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">=</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> secure
        self</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">ldap_host_template </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">=</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> string</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(43,145,175)">Template</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">(</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">self</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">configuration</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">[</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(125,39,39)">'host'</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">])</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">
        </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(16,16,148)">if</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> self</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">secure</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">:</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">
            self</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">ldap_host </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">=</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> self</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">ldap_host_template</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">substitute</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">(</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">port</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">=</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">self</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">configuration</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">[</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(125,39,39)">'secure_port'</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">])</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">
        </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(16,16,148)">else</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">:</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">
            self</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">ldap_host </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">=</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> self</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">ldap_host_template</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">substitute</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">(</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">port</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">=</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">self</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">configuration</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">[</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(125,39,39)">'standard_port'</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">])</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">

    </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(16,16,148)">def</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> __enter__</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">(</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">self</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">):</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">
        </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(16,16,148)">try</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">:</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">
            self</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">ld </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">=</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> ldap</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">initialize</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">(</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">self</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">ldap_host</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">)</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">
            </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(16,16,148)">if</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> self</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">configuration</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">[</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(125,39,39)">'verify_ssl'</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">][</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(125,39,39)">'verify'</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">]:</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">
                self</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">ld</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">set_option</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">(</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">ldap</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">OPT_X_TLS_CACERTFILE</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">,</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> self</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">configuration</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">[</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(125,39,39)">'verify_ssl'</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">][</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(125,39,39)">'use'</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">])</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">
                </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(16,16,148)">print</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(125,39,39)">"ldap.OPT_X_TLS_CACERTFILE = %d"</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">%</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> ldap</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">OPT_X_TLS_CACERTFILE
            </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(16,16,148)">else</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">:</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">
                self</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">ld</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">set_option</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">(</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">ldap</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">OPT_X_TLS_REQUIRE_CERT</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">,</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> ldap</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">OPT_X_TLS_NEVER</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">)</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">
                </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(16,16,148)">print</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(125,39,39)">"ldap.OPT_X_TLS_REQUIRE_CERT = %d"</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">%</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> ldap</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">OPT_X_TLS_REQUIRE_CERT
                </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(16,16,148)">print</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(125,39,39)">"ldap.OPT_X_TLS_NEVER = %d"</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">%</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> ldap</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">OPT_X_TLS_NEVER
                </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(133,140,147)">#ldap.set_option(ldap.OPT_X_TLS_NEWCTX, 0)</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">

            self</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">ld</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">simple_bind_s</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">(</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">self</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">configuration</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">[</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(125,39,39)">'binduser'</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">],</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> self</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">configuration</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">[</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(125,39,39)">'bindpassword'</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">])</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">
        </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(16,16,148)">except</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> ldap</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(43,145,175)">LDAPError</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">,</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> error_message</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">:</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">
            </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(16,16,148)">print</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(125,39,39)">"Couldn't Connect. %s "</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">%</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> error_message
            </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(16,16,148)">print</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(125,39,39)">"Using CA: %s"</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">%</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> self</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">configuration</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">[</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(125,39,39)">'verify_ssl'</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">][</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(125,39,39)">'use'</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">]</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">
            </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(16,16,148)">if</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">(</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">self</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">configuration</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">[</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(125,39,39)">'verify_ssl'</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">][</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(125,39,39)">'use'</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">]):</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">
                </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(16,16,148)">print</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(125,39,39)">"File exists: %s"</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">%</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> os</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">path</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">exists</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">(</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">self</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">configuration</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">[</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(125,39,39)">'verify_ssl'</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">][</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(125,39,39)">'use'</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">])</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">
        </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(16,16,148)">return</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> self</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">ld

    </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(16,16,148)">def</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> __exit__</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">(</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">self</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">,</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> exc_type</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">,</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> exc_value</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">,</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> traceback</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">):</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">
        self</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">ld</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">unbind_s</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">()</span></code></pre><p style="margin:0px 0px 1em;padding:0px;border:0px;font-size:15px;clear:both;color:rgb(36,39,41);font-family:Arial,"Helvetica Neue",Helvetica,sans-serif;line-height:19.5px">I get this exception</p><pre class="" style="margin-top:0px;margin-bottom:1em;padding:5px;border:0px;font-size:13px;width:auto;max-height:600px;overflow:auto;font-family:Consolas,Menlo,Monaco,"Lucida Console","Liberation Mono","DejaVu Sans Mono","Bitstream Vera Sans Mono","Courier New",monospace,sans-serif;color:rgb(57,51,24);word-wrap:normal;background-color:rgb(239,240,241)"><code style="margin:0px;padding:0px;border:0px;font-family:Consolas,Menlo,Monaco,"Lucida Console","Liberation Mono","DejaVu Sans Mono","Bitstream Vera Sans Mono","Courier New",monospace,sans-serif;white-space:inherit"><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">ldap</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">OPT_X_TLS_REQUIRE_CERT </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">=</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(125,39,39)">24582</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">
ldap</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">OPT_X_TLS_NEVER </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">=</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(125,39,39)">0</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">
</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(43,145,175)">Couldn</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(125,39,39)">'t Connect. {'</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">info</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(125,39,39)">': "TLS error -8179:Peer'</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">s </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(43,145,175)">Certificate</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> issuer </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(16,16,148)">is</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> </span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(16,16,148)">not</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)"> recognized</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(48,51,54)">.</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(125,39,39)">", 'desc': "</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(43,145,175)">Can</span><span class="" style="margin:0px;padding:0px;border:0px;color:rgb(125,39,39)">'t contact LDAP server"}</span></code></pre></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Jun 30, 2016 at 2:04 PM, Michael Ströder <span dir="ltr"><<a href="mailto:michael@stroeder.com" target="_blank">michael@stroeder.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">Daniel Watrous wrote:<br>
> I'm getting a TLS error even after setting ldap.OPT_X_TLS_REQUIRE_CERT set<br>
> to ldap.OPT_X_TLS_NEVER<br>
<br>
</span>You should always verify the server's cert. Otherwise the connection can be<br>
hijacked with an active MITM attack.<br>
<br>
TLS options are set via LDAPObject.set_option() or globally via ldap..set_option().<br>
<br>
<a href="https://www.python-ldap.org/doc/html/ldap.html#ldap.LDAPObject.set_option" rel="noreferrer" target="_blank">https://www.python-ldap.org/doc/html/ldap.html#ldap.LDAPObject.set_option</a><br>
<br>
<a href="https://www.python-ldap.org/doc/html/ldap.html#ldap.set_option" rel="noreferrer" target="_blank">https://www.python-ldap.org/doc/html/ldap.html#ldap.set_option</a><br>
<br>
See Demo/initialize.py in the source tar.gz.<br>
<span class=""><br>
> How can I tell python-ldap to not check certificates? I've posted this<br>
> question to stackoverflow too.<br>
<br>
</span>I'm deliberately ignoring stackoverflow...<br>
<br>
Ciao, Michael.<br>
<br>
</blockquote></div><br></div>