[Mono-list] Novell LDAP (SSL) using .NET 2.0 on Windows Server
Sebastien Pouliot
sebastien.pouliot at gmail.com
Fri Sep 4 10:11:50 EDT 2009
On Fri, 2009-09-04 at 08:57 -0600, Stéphane Zanoni wrote:
> Hello, Tom.
>
> Here is a quick snippet... As long as your looks like this and the
> Mono.Security.dll is in the same directory as your DLL, you should be
> fine.
>
> var conn = new Novell.Directory.Ldap.LdapConnection();
> conn.SecureSocketLayer = true;
> conn.UserDefinedServerCertValidationDelegate += delegate { return
> true; };
The previous line will accept _any_ certificate* which, beside testing,
mostly defeats using SSL at the first place (e.g. MitM attack)
* including: invalid signatures, invalid name (wrong server),
wrong usage, wrong dates...
Now if security is not an issue then I suggest not using SSL ;-)
>
> conn.Connect("192.168.0.1", 636);
>
> conn.Bind("cn=admin,o=users", "mysecret");
>
>
> Stéphane
>
>
>
> >>> On 9/4/2009 at 08:46, stonefish <tom at stonefish.co.uk> wrote:
>
>
> Hi,
>
> (This is roughly the same message as was mistakenly on the ASP.NET
> section,
> but with the vital point that it's Novell LDAP, not MS LDAP!)
>
> My client requires us to connect to their Novell LDAP system through
> SSL
> with the ASP.NET (2.0) application we have written, which is going to
> run on
> Windows 2003 Server through IIS6. For the moment I am using a simple
> console application to test my code - a lot easier and simpler that
> uploading the rather large web application dlls each time.
>
> >From everything I've read, it appears that Mono is the best solution
> to
> this, but I'm having a great deal of difficulty getting it to work.
>
> I have added the novell.directory.ldap.dll and mono.security.dll
> references
> to the console app, and included the dlls in "installation" directory
> on the
> server.
> I have installed Mono (2.4.2.3) but not included the GTK part, as I
> don't
> believe it's necessary.
> I have added the security certificate from the clients LDAP system
> into the
> Trust store using certmgr.
>
> But when I attempt a secure bind to the Novell LDAP server, I receive
> a 91
> Connect Error, with the IOException of "The authentication or
> decryption has
> failed" and TlsException of "Invalid certificate received from
> server".
>
> What have I missed?
> Am I trying to achieve the impossible... or have I missed a simple
> step out?
> (Do I need to set an application setting or environment variable that
> I'm
> not aware of?)
>
> Many thanks for any help,
> Cheers,
> Tom
> --
> View this message in context: http://www.nabble.com/Novell-LDAP-%28SSL
> %29-using-.NET-2.0-on-Windows-Server-tp25295744p25295744.html
> Sent from the Mono - General mailing list archive at Nabble.com.
>
> _______________________________________________
> Mono-list maillist - Mono-list at lists.ximian.com
> http://lists.ximian.com/mailman/listinfo/mono-list
>
> _______________________________________________
> Mono-list maillist - Mono-list at lists.ximian.com
> http://lists.ximian.com/mailman/listinfo/mono-list
More information about the Mono-list
mailing list