I am trying to retrieve a CRL cert hosted on an LDAP server using Python 3.9.16 and LDAP3 module
When I use ldapsearch and the command
/bin/ldapsearch -x -H ldaps://<HOST>:<PORT> -Z -b "c=us" -s sub "(ou=rootCA)" certificateRevocationList
I get the CRL in ASCII format, ready to use.
When I use python and ldap3 with the code
#!/bin/python3
from ldap3 import Server, Connection, ANONYMOUS, SAFE_SYNC, ALL
server = Server('ldaps://<HOST>', port = 636, use_ssl = True, get_info=All)
base_dn = "c=us"
conn = Connection(server, client_strategy=SAFE_SYNC, auto_bind=True, auto_encode=False)
entries = conn.search(search_base=base_dn, search_filter='(ou=rootCA)', attributes='certificateRevocationList')
print(tuple(entries))
The crl data is displayed in an encoded form not sure what type, lots of '\x'.
How do I get the CRL in straight ASCII format as the CRL is written within LDAP?
I have been through the ldap3 documentation on https://ldap3.readthedocs.io/en/latest/searches.html#search-scope-and-aliases