[Date Prev][Date Next] [Chronological] [Thread] [Top]

start_tls versus ldaps

To: OpenLDAP-software@OpenLDAP.org
Subject: start_tls versus ldaps
From: Imobach González Sosa <igonzalez@becarios.ulpgc.es>
Date: Thu, 12 Aug 2004 11:24:41 +0100
Content-disposition: inline
Organization: Servicio de Informática y Comunicaciones
User-agent: KMail/1.6.2

Hi all,

First of all, I apologize for my poor english writing skill. I hope you to 
understand me.

I'm almost new using TLS/SSL (and OpenLDAP too), so don't be rough ;)

Right, I'm trying to set up an OpenLDAP server and I'd like the connections to 
be encrypted. Ok, it seems that TLS/SSL works pretty fine using start_tls or 
ldaps://. So, my question is, what's better?

I've read somewhere that TLS is the "new way" and must be preferred. So, I 
suppose I could close the 636 port. In the other hand, I don't know if I can 
force the clients to use TLS over 389 this way.

>From your experience, what do you think about it? I almost have read the 
"admin guide" and I've not seen clear advices on this issue.

Thank you in advance.

--
Imobach González Sosa
Servicio de Informática y Comunicaciones de la ULPGC
e-mail: igonzalez@becarios.ulpgc.es
Teléfono: +34 928 459519

Follow-Ups:
- Re: start_tls versus ldaps
  - From: "Axel" <axel@axeltabs.com>

Prev by Date: Re: ldap backend + ldapi (fwd)
Next by Date: Migration Netscape DS 4.1 > OpenLDAP?
Index(es):
- Chronological
- Thread