Okay, I've enabled TLS/SSL in slapd and if I call ldapsearch -ZZ, it works, so
I must have it working.
I realize this question might be better asked elsewhere...several elsewheres
in fact, but I'm asking here because the question is triggered by use of
openldap and those who use the other pieces of software are almost certainly
also on this list.
How do tell all my client side software to use TLS? I use nss_ldap. I have
my own perl scripts that user perl-ldap. I have qmail-ldap. I also have
replicas. Does the replica operation already attempt TLS?
A list of answers to these questions might be worth putting the the FAQ.
Also, it might be nice if the usage of TLS were logged somewhere so I could tell
if various packages are using it or not.
Chris
--
Chris Garrigues http://www.DeepEddy.Com/~cwg/
virCIO http://www.virCIO.Com
4314 Avenue C
Austin, TX 78751-3709 +1 512 374 0500
My email address is an experiment in SPAM elimination. For an
explanation of what we're doing, see http://www.DeepEddy.Com/tms.html
Nobody ever got fired for buying Microsoft,
but they could get fired for relying on Microsoft.
Attachment:
pgp9MHiBEww6L.pgp
Description: PGP signature