Net::LDAP start_tls does not work


I am trying to use a Perl LDAP script to change a user's password on a
Windows Active Directory based domain controller.  I got a digital
certificate generated from Windows in .cer or DER format and I
converted it to PEM using openssl.

Since Windows AD requires a secure connection, I have to make a
start_tls call.  However, I don't think I successfully got the handle
object back.  Any reason for that?

My script works fine for searching Windows AD.  When I do a search, it
is not using SSL.  But to change a password, you have to use SSL.
Search does not have to.

Thanks in advance.

Dick Cai

    my $cafile = "/usr/local/apache/cgi-bin/test/cert2.pem";
    my $result = $ldap->start_tls(
                           verify => 'require',
                         ) or die "$@";

    print "start_tls result -", $result->is_error;
    print "\n";

    Return code: 1  Message: LDAP_OPERATIONS_ERROR :Server encountered an internal error
    MessageID: 1    DN:
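
An added example, not part of the original post: a Net::LDAP sequence that passes the CA file to start_tls, checks the code of each returned message instead of relying on `or die`, and only then binds and sets unicodePwd over the encrypted connection. The host name, the DNs, the environment variable names and the assumption that the bind account may reset passwords are hypothetical; only the cafile path comes from the post.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Net::LDAP;
use Encode qw(encode);

# Hypothetical values; only $cafile is taken from the post.
my $host    = 'dc1.example.com';   # should match a name in the DC's certificate
my $cafile  = '/usr/local/apache/cgi-bin/test/cert2.pem';
my $bind_dn = 'CN=svc-pwreset,CN=Users,DC=example,DC=com';
my $user_dn = 'CN=Test User,CN=Users,DC=example,DC=com';
my $bind_pw = $ENV{LDAP_BIND_PW} // die "LDAP_BIND_PW not set\n";
my $new_pw  = $ENV{LDAP_NEW_PW}  // die "LDAP_NEW_PW not set\n";

# new() returns undef on failure and leaves the reason in $@.
my $ldap = Net::LDAP->new($host, port => 389, timeout => 10)
    or die "connect to $host failed: $@\n";

# Operations return a Net::LDAP::Message object rather than undef,
# so "or die" does not catch a failure; test ->code (0 means success).
sub check {
    my ($what, $mesg) = @_;
    die sprintf("%s failed: %s (%d): %s\n",
        $what, $mesg->error_name, $mesg->code, $mesg->error) if $mesg->code;
    return $mesg;
}

# StartTLS before bind so the credentials are never sent in clear text.
check('start_tls', $ldap->start_tls(
    verify => 'require',   # reject a certificate that does not validate
    cafile => $cafile,     # PEM file holding the issuing CA certificate
));

check('bind', $ldap->bind($bind_dn, password => $bind_pw));

# AD expects unicodePwd as the double-quoted password encoded in UTF-16LE.
my $unicode_pwd = encode('UTF-16LE', qq("$new_pw"));
check('password reset', $ldap->modify($user_dn,
    replace => { unicodePwd => $unicode_pwd }));

$ldap->unbind;
print "password updated over TLS\n";
```

If start_tls fails here, the script stops before any bind, and the printed error name, code and text show which step was refused.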
