In my code I am using the openldap library to start TLS to an LDAP server, using the global LDAP_OPT_X_TLS_CACERTDIR option to set the CA certificate directory: ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTDIR, "");
Now, STEP 1: the correct certificate is in place and ldap_sasl_bind_s to the LDAP server is successful (as expected).
STEP 2: I delete the certificate from the directory as I don't want openldap to use the older certificate, but even after this the bind is still successful.
If the certificate is loaded in openldap's cache, I am not able to find any way to reset it.
My problem is exactly the same as: starttls successful even after deleting CA from the ca dir