
ldaps://



Hi,

I've just read the FAQ part about ldap:// and ldaps:// and wanted to make
sure I understood it correctly.

So ldaps:// (using port 636) is deprecated and shouldn't be used anymore,
correct? The new way is to go with TLS, which will anyway run via ldap://
(port 389)?

I am also asking this because I've set up my OpenLDAP with the
TLSCertificates parameters, then did an ldapsearch using -ZZ and was
surprised to see that it still used port 389 for encrypted sessions and
unencrypted sessions...

Is that normal?

Also, is there a way to disallow unencrypted sessions, allowing only
encrypted sessions using TLS?

Regards
Marc



...