Hi Folks,

I am having a problem connecting with LDAP when I turn on
LDAPVerifyServerCert. With this parameter turned off everything is working
fine.

I took tcpdump for both the scenarios. The only difference is in the list
of Distinguished Names that my LDAP server sends as part of the
"Certificate Request".

With LDAPVerifyServerCertificate turned on, I get a bunch of DNs in
Certificate Request. With it turned off, I get none.

In either case, the client (httpd) is getting the server certificate and
validating it.

Does anyone have any explanation for this behavior? I do not see any
downside to LDAPVerifyServerCert being turned off.

Any insights and comments?

Thanks!
