[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Re: Re: How to Force TLS/SSL connection Only ?

To: zhfei@sdb.ac.cn
Subject: Re: Re: Re: How to Force TLS/SSL connection Only ?
From: Peter Marschall <peter.marschall@mayn.de>
Date: Mon, 25 Nov 2002 20:48:44 +0100
Cc: <openldap-software@OpenLDAP.org>
In-reply-to: <200211250201.KAA31665@ns2.sdb.ac.cn>
Organization: ADPM
References: <200211250201.KAA31665@ns2.sdb.ac.cn>
User-agent: KMail/1.4.3

Hi,

On Monday 25 November 2002 03:00, you wrote:
> Sorry,the "bind_simple_unprotected"  can not be identified when starting
> ldap server.:-(
I copied it from OpenLDAP 2.1.8s slapd.conf man page.
Maybe you need to upgrade

You may also try to use the ssf clauses in the access statements

> My goal is that ONLY the clients with certificates signed by my rootCA can
> access my ldap server,which also has certificate signed by the same
> rootCA,and my ldap server is configured to support TLS/SSL , demands to
> verify clients,and connect with clients in TLS/SSL in port 636.
> Is it possible ?
Yes.
If you only want to do it with LDAPS, you can start slapd only with the 
appropriate parameter (ldaps:/// IIRC).

Yours
Peter

-- 
Peter Marschall     |   eMail: peter.marschall@mayn.de
Scheffelstraße 15   |          peter.marschall@is-energy.de
97072 Würzburg      |   Tel:   0931/14721
PGP:  D7 FF 20 FE E6 6B 31 74  D1 10 88 E0 3C FE 28 35

Prev by Date: Re: account balances
Next by Date: Manipulating ldif's
Index(es):
- Chronological
- Thread