[Date Prev][Date Next] [Chronological] [Thread] [Top]

Different TLSVerifyClient possible?

To: openldap-software@OpenLDAP.org
Subject: Different TLSVerifyClient possible?
From: Martin Lesser <admin-openldap@better-com.de>
Date: 12 Aug 2003 18:39:14 +0200
Organization: Better-Com IT-Services GmbH
User-agent: Gnus/5.0808 (Gnus v5.8.8) XEmacs/21.4 (Portable Code)

I start slapd on two adresses (localhost and external adress).

For security reasons slapd.conf contains

  TLSVerifyClient demand

For the slapd running on 127.0.0.1 I want to reduce TLSVerifyClient to
never so only the slapd serving the external adress strictly depends on
a valid client-cert. Otherwise I had to generate a client-cert for each
local service which uses ldap.

Is this possible without using alternatives like stunnel?

TIA, Martin

Follow-Ups:
- Re: Different TLSVerifyClient possible?
  - From: Martin Lesser <admin-openldap@better-com.de>
- Re: Different TLSVerifyClient possible?
  - From: Dieter Kluenter <dieter@dkluenter.de>

Prev by Date: Re: Newbie with PAM_LDAP (authentication on linux) and OPENLDAP
Next by Date: Re: New to openLDAP: CRY FOR HELP! What on earth do i need to do to create ALIASES????
Index(es):
- Chronological
- Thread