[erlang-questions] ELDAP: peer verification fails due to mangled SSL options?

Florian Waas flw@REDACTED
Sat Sep 21 06:40:13 CEST 2013

Currently, eldap does not support peer verification (equivalent
to ldap.conf's TLS_REQCERT).

Turns out eldap:do_connect/3 always prefixes the caller's ssl options with
{verify, 0} under the covers which renders a {verify, verify_peer} from the
caller ineffective:


As far as I can tell, there's no good/obvious reason for this -- and after
removing this automatic prefix, it works as one would expect.

Just a bug or anybody know of some rationale why verification is prevented
this way?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20130920/a5ec39e5/attachment.htm>

More information about the erlang-questions mailing list