ldap_app_ssl_start_np()--Start a Secure LDAP Connection using DCM
Syntax
#include <ldap.h> #include <ldapssl.h> int ldap_app_ssl_start_np(LDAP *ld, char *dcm_identifier)
Library Name/Service Program: QSYS/QGLDCLNT
Default Public Authority: *USE
Threadsafe: Yes
This is a deprecated API.
The ldap_app_ssl_start_np() function is used to start a secure connection (using Secure Sockets Layer (SSL)) to an LDAP server using the Digital Certificate Manager (DCM) to control the digital certificate.
ldap_app_ssl_start_np() must be called after ldap_open() and prior to ldap_bind(). Once the secure connection is established for the ld, all subsequent LDAP messages that flow over the secure connection are encrypted, including the ldap_bind() parameters, until ldap_unbind() is called.
Authorities and Locks
*R authority is needed to the selected Certificate Store and *X to the associated directories.
Parameters
- ld
- (Input) The LDAP pointer returned by a previous call to
ldap_init(),
ldap_ssl_init(), or
ldap_open().
- dcm_identifier
- (Input) An identifier string that corresponds to a secure application registered with DCM. The use of NULL assumes that in a prior use of the this API a valid DCM identifier for an application has been used and that it is to be used again for this connection. This allows multiple connections without going through the initialization of SSL with a DCM identifier more than once.
Return Value
- LDAP_SUCCESS
- if the request was successful.
- another LDAP error code
- if the request was not successful.
Error Conditions
ldap_app_ssl_start_np() will return an LDAP error code if not successful. See LDAP Client API Error Conditions for possible LDAP error code values. Depending on the error code, errno information also may be available.
Error Messages
The following message may be sent from this function.
Message ID | Error Message Text |
---|---|
CPF3CF2 E | Error(s) occurred during running of ldap_app_ssl_start_np API. |
Related Information
- ldap_app_ssl_client_init_np() -- Initialize the Client for a Secure LDAP Connection using DCM
- ldap_ssl_client_init() -- Initializes the SSL Library
- ldap_ssl_init() -- Initializes an SSL connection
- ldap_ssl_start() -- Creates a secure SSL connection
- ldap_bind() -- Bind to the directory server
- ldap_unbind() -- Unbind from the LDAP server and close the connection
- ldap_open() -- Open a connection to an LDAP server
- ldap_ssl_environment_init() -- Initializes SSL for a secure connection between client and server.
- ldap_start_tls_s_np() -- Starts a TLS session with a Certificate.
- ldap_start_tls_app_np() -- Starts a TLS session with an Application ID.
- ldap_stop_tls_s_np() -- Ends a TLS session.
Example
Note: By using the code examples, you agree to the terms of the Code license and disclaimer information.
The following scenario depicts the recommended calling sequence where the entire set of LDAP transactions are "protected" by using a secure SSL connection, including the dn and password that flow on the ldap_simple_bind():
ld = ldap_open (ldaphost, ldapport ); rc = ldap_app_ssl_start_np(ld, dcm_identifier ); rc = ldap_simple_bind_s(ld, binddn, passwd); ...additional LDAP API calls rc = ldap_unbind( ld );
The following scenario depicts the calling sequence for multiple connections using one DCM identifier:
ld = ldap_open (ldaphost, ldapport ); rc = ldap_app_ssl_start_np(ld, dcm_identifier ); rc = ldap_simple_bind_s(ld, binddn, passwd); /* For multiple secure connections using the same dcm_identifier. */ ld1 = ldap_open (ldaphost, ldapport ); rc = ldap_app_ssl_start_np(ld1, NULL ); rc = ldap_simple_bind_s(ld1, binddn, passwd); ld2 = ldap_open (ldaphost, ldapport ); rc = ldap_app_ssl_start_np(ld2, NULL ); rc = ldap_simple_bind_s(ld2, binddn, passwd); ...additional LDAP API calls rc = ldap_unbind( ld ); rc = ldap_unbind( ld1 ); rc = ldap_unbind( ld2 );
API introduced: V4R4
[ Back to top | LDAP APIs | APIs by category ]