[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: tls



On Nov 10, 2010, at 3:50 , Howard Chu wrote:

> Christian Bösch wrote:
>> Hi
>> 
>> Can someone tell me if it's possible to require strong encryption like TLS
>> except from one IP address?
>> 
> Not exactly. The "require" directive doesn't have that level of granularity, 
> but you can use ACLs to restrict access. In that case, a user would be able to 
> connect without TLS, but wouldn't be able to access anything.

but then user credentials are sent plain....
i don't want to allow plain simple binds at all except from several ips.
if i got you right, this is not possible?


> 
> -- 
>   -- Howard Chu
>   CTO, Symas Corp.           http://www.symas.com
>   Director, Highland Sun     http://highlandsun.com/hyc/
>   Chief Architect, OpenLDAP  http://www.openldap.org/project/

Attachment: smime.p7s
Description: S/MIME cryptographic signature