cURL / Mailing Lists / curl-library / Single Mail


Re: LDAPS support

From: Guenter Knauf <>
Date: Fri, 24 Aug 2007 21:36:45 +0200

Hi all,
current status now:
based on the description found in cURL's ./docs/SSLCERTS I've used openssl to create a PEM CA cert for which you can get from my site for testing:
this CA was used for all tests below:

using Novell CLDAP SDK:
NetWare curl + PEM CA --> LDAP server : works.
MingW32 curl + PEM CA --> LDAP server : works.

using OpenLDAP:
MingW32 curl + PEM CA --> LDAP server : works.
Cygwin curl + PEM CA --> LDAP server : works.
Linux curl + PEM CA --> LDAP server : works.

If someone wants to build MingW32 with OpenLDAP you can download an 'OpenLDAP SDK' I've copied together from the original OpenLDAP 2.2.29 + DLLs taken from:
and use these vars to tell the makefile what to build:
set LDAP_SDK=c:/projects/sdks/openldap-2.2.29
set LDAPS=1

Attention: I found that MingW GCC 4.2.1 seems to have a problem with LDAP SDKs! The resulting binaries crash! Use MingW32 3.x for now!

Still outstanding test is with the M$ LDAP stuff;
in order to test I'd suggest to use a MingW32 build with LDAPS=1 (or set an env var);

since I dont have a Win32 AD controller, nor I'm much familar with the Win32 cert store stuff, I would really appreciate that someone with more Win32 insight than me could check this.

here's a log how it looks on Linux:
./src/curl -v --cacert ../openldap.pem ldaps://,dc=org
* About to connect() to port 636 (#0)
* Trying connected
* Connected to ( port 636 (#0)
* LDAP local: LDAP Vendor = OpenLDAP ; LDAP Version = 20227
* LDAP local: ldaps://,dc=org
* LDAP local: trying to establish encrypted connection
* LDAP local: using PEM CA cert: ../openldap.pem
DN: dc=OpenLDAP,dc=Org
        objectClass: top
        objectClass: organization
        objectClass: OpenLDAPorg
        objectClass: dcObject
        objectClass: domainRelatedObject

        dc: OpenLDAP

        displayName: OpenLDAP Project

        o: OpenLDAP Project
        o: OpenLDAP Foundation
        o: OpenLDAP

        l: Internet

        description: OpenLDAP - community developed software

        labeledURI: The OpenLDAP Project
        labeledURI: The OpenLDAP Project


* Closing connection #0

Received on 2007-08-24