[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: forcing encryption for external server access while allowing unencrypted localhost connections



You've required more confidentiality protection than ldapi://
purports to provide.  The ldapi:// is, by default, only 71.
You can change the SSF by defining the macro LDAP_PVT_LOCAL_SSF
in your CPPFLAGS.

At 10:44 AM 9/10/2004, Chris Paul wrote:
>Dieter Kluenter wrote:
>
>>
>>Let phpLDAPadmin contact slapd via socket, that is via ldapi://
>>
>>-Dieter
>> 
>
>Hi Dieter,
>
>Well the local socket wants to use TLS, too:
>
>$ ldapsearch -x -H ldapi:///usr/local/var/run/ldapi
># extended LDIF
>#
># LDAPv3
># base <> with scope sub
># filter: (objectclass=*)
># requesting: ALL
>#
>
># search result
>search: 2
>result: 13 Confidentiality required
>text: confidentiality required
>
># numResponses: 1
>
>
>I have this in my slapd.conf Global configuration section:
>
>security ssf=128
>
>CP