[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Require SSL transport?
justin,
do a "man slapd" and look at the "-h" option.
starting your server with "slapd -h ldaps:///" should prevent it from
listening on anything other than port 636.
jens
On 2/2/01 10:56, "Justin Hahn" <jhahn@profitlogic.com> wrote:
> Over the past couple days I've beens setting up OpenLDAP as a substitute for
> NIS. To do
> this I want all communications done with the LDAP server to be over SSL
> exclusively. But
> I can't seem to figure out how to get openldap to ignore requests that
> aren't over SSL.
> (i.e. ldapsearch -ZZ -x '(objectclass=*)' gives me exactly what I expect,
> but take away -ZZ and I get the same results back. Which isn't what I want.)
>
> Is there any ACL I can use to grant no access if SSL isn't being used? A
> config
> option? A commandline option to slapd?
>
> Thanks!