[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: How to disable SSLv2 for ldaps on port 636?

To: Aaron Richton <richton@nbcs.rutgers.edu>
Subject: Re: How to disable SSLv2 for ldaps on port 636?
From: Howard Chu <hyc@symas.com>
Date: Wed, 31 May 2006 13:53:33 -0700
Cc: John Borwick <borwicjh@wfu.edu>, openldap-software@OpenLDAP.org
In-reply-to: <Pine.SOL.4.58.0605311402580.1739@toolbox.rutgers.edu>
References: <447DD27D.9030606@wfu.edu> <Pine.SOL.4.58.0605311402580.1739@toolbox.rutgers.edu>
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a1) Gecko/20060528 SeaMonkey/1.5a

Aaron Richton wrote:

I think that TLSCipherSuite affects both StartTLS and SSL connections.


Correct.

Have you tried !SSLv2 and seen a result one way or another?
On Wed, 31 May 2006, John Borwick wrote:
I am familiar with the "TLSCipherSuite" option for slapd.conf. Is there an equivalent option to control ldaps (port 636) SSL connections? I would like to disable SSL v2 support for slapd running on port 636.


--
 -- Howard Chu
 Chief Architect, Symas Corp.  http://www.symas.com
 Director, Highland Sun        http://highlandsun.com/hyc
 OpenLDAP Core Team            http://www.openldap.org/project/

References:
- How to disable SSLv2 for ldaps on port 636?
  - From: John Borwick <borwicjh@wfu.edu>
- Re: How to disable SSLv2 for ldaps on port 636?
  - From: Aaron Richton <richton@nbcs.rutgers.edu>

Prev by Date: Proxy and userfiltering
Next by Date: Re: Replication between 2.2.x and 2.3.x
Index(es):
- Chronological
- Thread