Trying to confirm use of TLS...
Hello...
When running slapd with ldap:/// and ldaps:///, I understand that it
is listening on port 389 and 636. If my clients have /etc/ldap.conf
with an entry of 'ssl start_tls', I assume that means that my session
is encrypted (i.e. all data passed back and forth from client -> server
is munged).
This being the case, I'm sure it is extremely critical to only allow
connections to slapd from trusted hosts, using tcp wrappers - correct?
If not, anybody can talk to my 389 port and therefore sniff.
I have tested with just ldaps:///, and it works, but I fear I can't
use slurpd/replication unless I use 389 - is that right?
Thanks for the info....
--
<>< ><> <>< ><> <>< ><> <>< ><> <>< ><> <><
Ken Kleiner
System Manager
Computer Science Department
Umass Lowell
voice : 978 934 3645
fax : 978 934 3551
cell : 603 930 5582 (emergencies only, please)
ken@cs.uml.edu