Security, SSF and localhost lookups



I would like to set up OpenLDAP to allow localhost connections without
TLS, but require any other incoming connections to use secure
connections (e.g. ldaps:// or ldap:// with StartTLS).

When I used the RH RPM for OpenLDAP 2.0.17, using this setting in
slapd.conf seemed to work: 

security tls=128 ssf=128

With OpenLDAP 2.1.16, it does not. My suspicion is that this is the way
it _should_ be, as one would expect that the setting above would apply
to everything... but, now I'm at a loss.

How do I allow localhost to make non-TLS connections while requiring
external connections to use TLS?

Thanks,

Matt Butcher

-- 
M Butcher <mbutcher@grcomputing.net>