[Date Prev][Date Next]
Re: (ITS#4072) Feature request: Don't list StartTLS (22.214.171.124.4.1.1466.20037) if not configured correctly
Howard Chu wrote:
> firstname.lastname@example.org wrote:
>> I'd like to propose that StartTLS (126.96.36.199.4.1.1466.20037) is not
>> listed in
>> rootDSE's attribute supportedExtension if TLS/SSL is not configured
> What does "not configured correctly" mean? E.g., if invalid files are
> used for the cert/key file options, ldap_pvt_tls_init_def_ctx() will
> fail, and slapd will refuse to startup. What other configurations are
> you concerned with?
Well, rather not configured at all but compiled with TLS support.