[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Require use of SSL..

To: openldap-software@OpenLDAP.org
Subject: Re: Require use of SSL..
From: Dieter Kluenter <dieter@dkluenter.de>
Date: Mon, 08 Mar 2004 09:53:13 +0100
In-reply-to: <004201c404d6$a19140a0$6401a8c0@yourqqh4336axf> (dap99@i-55.com's message of "Mon, 8 Mar 2004 00:01:12 -0600")
References: <004201c404d6$a19140a0$6401a8c0@yourqqh4336axf>
User-agent: Gnus/5.1001 (Gnus v5.10.1) XEmacs/21.4 (Portable Code, linux)

Hi,

"adp" <dap99@i-55.com> writes:

> I have been studying 'require' for slapd, but it doesn't appear to do what I
> want. Hopefully someone can help here. I want to force all connections to be
> over SSL. Is there an easy way to do this? I know that OpenLDAP supports
> both ldaps (just ldap over SSL on port 636 from what I can see) and StartTLS
> (port 389). What I can't see is how to enforce the use of StartTLS. Also, is
> there any reason why this would be a bad idea? We are using LDAP mostly to
> auth user logins (not yet actually).

To enforce start_tls just edit ldap.conf and ~/.ldaprc.
See part TLS OPTIONS in man ldap.conf(5)

-Dieter

-- 
Dieter Kluenter  | Systemberatung
Tel:040.64861967 | Fax: 040.64891521
mailto: dkluenter(at)dkluenter.de
http://www.avci.de

References:
- Require use of SSL..
  - From: "adp" <dap99@i-55.com>

Prev by Date: Re: Require use of SSL..
Next by Date: Re: LDAPI documentation (was Re: Graphical LDAP clients with SASL support)
Index(es):
- Chronological
- Thread