[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: TLS-based authentication?
Hi Stephen,
Stephen Frost <sfrost@snowman.net> writes:
> Hey all,
>
> Any of you folks using TLS-based authentication? Where you're
> actually using TLS to perform your authentication to slapd? (Not just
> encryption and whanot).
>
> The reason I ask is that it would be difficult to support that using
> GNU TLS in place of OpenSSL and we're wondering how much interest
> there is for it.
I presume you are referring to SASL EXTERNAL mechanism, using X.509
certificates to authenticate against a directory server.
Yes, I do use X.509 certificates generated by openssl.
-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.--.--
dieter@marin:~> ldapwhoami -Y EXTERNAL -ZZ
SASL/EXTERNAL authentication started
SASL username: CN=Dieter Kluenter,OU=partner,O=avci,C=de
SASL SSF: 0
dn:cn=dieter kluenter,ou=partner,o=avci,c=de
.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.---.-.--
Are you looking for something like the above?
-Dieter
--
Dieter Kluenter | Systemberatung
Tel:040.64861967 | Fax: 040.64891521
mailto: dkluenter@schevolution.com
http://www.schevolution.com/tour