Hi Tony, I think you have the wrong end of the stick... I'm not getting thrown out by anything, my LDAP server is working fine, I was just curious about what you (and others) said about SSL and TLS being different. I think it's quite confusing when people say that TLS is not the same thing as SSL when on the OpenSSL site, they pretty much consistently use SSL/TLS as one entity. I was just trying to clarify that in fact the difference is the startTLS command which can be issued on the standard listener port to request to start an encrypted session... and if the application honours the startTLS command, or if it is older and has a separate port for secure startup.
Cheers Bill
Wed, 2002-11-20 at 14:51, Bill Dossett wrote:
OK, I think that's more or less what I said in that SSL and TLS both use SSL encryption and the distinguishing feature is StartTLS which can work on a standard port by requesting to switch to encryption if the listener on that port understands how to negotiate a StartTLS command.
No, you seemed to be trying a SASL bind, which was throwing you out. SSL/TLS has nothing to do with OpenLDAP's idea of *strong* SASL authentication.
Best,
Tony