[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS problem



On 07/07/2010 11:17 AM, Cedric Jeanneret wrote:
Hello,

I'm trying to configure an openldap with TLS so that all connections are encrypted.

Here's the revelent part of my slapd.conf:

TLSCipherSuite HIGH:MEDIUM:+SSLv3
TLSVerifyClient never
TLSCertificateFile /etc/ldap/ssl/server.crt
TLSCertificateKeyFile /etc/ldap/ssl/server.key

Here's my ldap.conf:

URI ldaps://my.server.ltd
BASE dc=my,dc=server,dc=ltd
LDAP_VERSION 3

#SIZELIMIT      12
#TIMELIMIT      15
#DEREF          never
ssl start_tls
ssl on
TLS_CIPHER_SUITE HIGH:MEDIUM:+SSLv3



Add

TLS_REQCERT allow

 to your ldap.conf. See the ldap.conf man page for more information.

Regards,

Hugo Monteiro.

--
fct.unl.pt:~# cat .signature

Hugo Monteiro
Email	 : hugo.monteiro@fct.unl.pt
Telefone : +351 212948300 Ext.15307
Web      : http://hmonteiro.net

Divisão de Informática
Faculdade de Ciências e Tecnologia da
		   Universidade Nova de Lisboa
Quinta da Torre   2829-516 Caparica   Portugal
Telefone: +351 212948596   Fax: +351 212948548
www.fct.unl.pt                apoio@fct.unl.pt

fct.unl.pt:~# _