[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS-based authentication?



Hi Stephen,

Stephen Frost <sfrost@snowman.net> writes:

> Hey all,
>
>   Any of you folks using TLS-based authentication?  Where you're
>   actually using TLS to perform your authentication to slapd?  (Not just
>   encryption and whanot).
>
>   The reason I ask is that it would be difficult to support that using
>   GNU TLS in place of OpenSSL and we're wondering how much interest
>   there is for it.

I presume you are referring to SASL EXTERNAL mechanism, using X.509
certificates to authenticate against a directory server.
Yes, I do use X.509 certificates generated by openssl.

-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.--.-- 
dieter@marin:~> ldapwhoami -Y EXTERNAL -ZZ
SASL/EXTERNAL authentication started
SASL username: CN=Dieter Kluenter,OU=partner,O=avci,C=de
SASL SSF: 0
dn:cn=dieter kluenter,ou=partner,o=avci,c=de
.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.---.-.--

Are you looking for something like the above?

-Dieter
-- 
Dieter Kluenter  | Systemberatung
Tel:040.64861967 | Fax: 040.64891521
mailto: dkluenter@schevolution.com
http://www.schevolution.com/tour