[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SASL2 and Openldap



Jerry wrote:
> On Thu, 10 Mar 2016 10:47:51 -0800, Quanah Gibson-Mount stated:
> 
>> --On Thursday, March 10, 2016 1:05 PM -0500 Jerry
>> <jerry@seibercom.net> wrote:
>>
>>> I just started creating a new server with FreeBSD 11. I installed
>>> the openldap port. Now I am trying to figure out how to get sasl2
>>> up and running. Openldap is running fine now without it, but I want
>>> to secure it further. Can anyone suggest a good "How to" on how to
>>> accomplish this on a FreeBSD OS (if that makes any difference).
>>> Examples are welcomed :)  
>>
>> What is it you want to do, exactly?
> 
> Right now, it is my understanding that everything passes through in
> clear text. I wanted to enforce TLS. Maybe it is not a big deal. I
> have been reading where it is suppose to be a good idea.

TLS and SASL are different things. You don't need SASL for TLS encrypted data
channel. Unless you want to use SASL/EXTERNAL with TLS client certs of course.

Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature