Novell LDAP C# - Novell.Directory.Ldap - Has anybody made it work?

Question

I\'m trying to use the library released by Novell (Novell.Directory.Ldap). Version 2.1.10.

What I\'ve done so far:

• I tested the connection with an appl

Answer 1

I finally found a way to make this work.

First, theses posts helped me get on the right track : http://directoryprogramming.net/forums/thread/788.aspx

Second, I got a compiled dll of the Novell LDAP Library and used the Mono.Security.Dll.

The solution:

I added this function to the code

// This is the Callback handler - after "Binding" this is called
        public bool MySSLHandler(Syscert.X509Certificate certificate, int[] certificateErrors)
        {

            X509Store store = null;
            X509Stores stores = X509StoreManager.LocalMachine;
            store = stores.TrustedRoot;

            //Import the details of the certificate from the server.

            X509Certificate x509 = null;
            X509CertificateCollection coll = new X509CertificateCollection();
            byte[] data = certificate.GetRawCertData();
            if (data != null)
                x509 = new X509Certificate(data);

            //List the details of the Server

            //if (bindCount == 1)
            //{

            Response.Write("CERTIFICATE DETAILS: 
");
            Response.Write("  Self Signed = " + x509.IsSelfSigned + "  X.509  version=" + x509.Version + "
");
            Response.Write("  Serial Number: " + CryptoConvert.ToHex(x509.SerialNumber) + "
");
            Response.Write("  Issuer Name:   " + x509.IssuerName.ToString() + "
");
            Response.Write("  Subject Name:  " + x509.SubjectName.ToString() + "
");
            Response.Write("  Valid From:    " + x509.ValidFrom.ToString() + "
");
            Response.Write("  Valid Until:   " + x509.ValidUntil.ToString() + "
");
            Response.Write("  Unique Hash:   " + CryptoConvert.ToHex(x509.Hash).ToString() + "
");
            // }

            bHowToProceed = true;
            if (bHowToProceed == true)
            {
                //Add the certificate to the store. This is \Documents and Settings\program data\.mono. . .
                if (x509 != null)
                    coll.Add(x509);
                store.Import(x509);
                if (bindCount == 1)
                    removeFlag = true;
            }

            if (bHowToProceed == false)
            {
                //Remove the certificate added from the store.

                if (removeFlag == true && bindCount > 1)
                {
                    foreach (X509Certificate xt509 in store.Certificates)
                    {
                        if (CryptoConvert.ToHex(xt509.Hash) == CryptoConvert.ToHex(x509.Hash))
                        {
                            store.Remove(x509);
                        }
                    }
                }
                Response.Write("SSL Bind Failed.");
            }
            return bHowToProceed;
        }

And i used it in the binding process

// Create Connection
                LdapConnection conn = new LdapConnection();
                conn.SecureSocketLayer = true;
                Response.Write("Connecting to:" + ldapHost);

                conn.UserDefinedServerCertValidationDelegate += new
                    CertificateValidationCallback(MySSLHandler);

                if (bHowToProceed == false)
                    conn.Disconnect();
                if (bHowToProceed == true)
                {
                    conn.Connect(ldapHost, ldapPort);
                    conn.Bind(loginDN, password);
                    Response.Write(" SSL Bind Successfull ");

                    conn.Disconnect();
                }
                quit = false;

The key elements are using the SSL Handler to dynamically obtain the Certificate, and using X509StoreManager.LocalMachine so that when the website is running its able to save and fetch the certificates.