[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Refusing connections when START_TLS is not sent

To: Pierre Moermans <pmoermans@linuxmail.org>
Subject: Re: Refusing connections when START_TLS is not sent
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Wed, 10 Dec 2003 08:28:39 -0800
Cc: openldap-software <openldap-software@OpenLDAP.org>
In-reply-to: <1071073601.3196.17.camel@bunting.pm-soft.be>
References: <1071073601.3196.17.camel@bunting.pm-soft.be>

At 08:26 AM 12/10/2003, Pierre Moermans wrote:
>Dear list,
>
>As far as I understand, clients using the START_TLS instruction must do
>so on the standard (PLAIN text) port, usually, the port 389.
>I've done that, and it worked fine.
>
>Now, I would like to refuse PLAIN text communication when the START_TLS
>command is not sent by the client. I've been googling for a while with
>no success.
>Does anybody know how to do that ?

See the 'security' directive in slapd.conf(5), as
well as section 9.2 of the Admin Guide.

Kurt

References:
- Refusing connections when START_TLS is not sent
  - From: Pierre Moermans <pmoermans@linuxmail.org>

Prev by Date: Re: sasl version mismatch: 2.1.15 vs 2.1.17
Next by Date: ACL List New bee
Index(es):
- Chronological
- Thread