[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Problems with SASL and TLS

To: Andrew Newman <anewman@pisoftware.com>
Subject: Re: Problems with SASL and TLS
From: Adam Shand <larry@spack.org>
Date: Thu, 1 Mar 2001 12:08:07 -0800 (PST)
Cc: <openldap-software@OpenLDAP.org>
In-reply-to: <3A9DC28A.3090603@pisoftware.com>

> It would seem that the problem was that I was expecting the SSL/TLS
> traffic to go over the 636 port not the same port as unencrypted
> traffic.  I think this is due to the description in the FAQ of
> TLS/SSL.  I think it's there that I went off on some weird tangent.
> Using ngrep I could determine that the traffic is indeed being
> encrypted.

yep.  standard ldaps (ldap over ssl) works on port 636.  openldap 2.0 has
support for starttls which means that the servers can negotiate if ssl is
supported on both ends and have the traffic encrypted.

adam.

References:
- Re: Problems with SASL and TLS
  - From: Andrew Newman <anewman@pisoftware.com>

Prev by Date: Re: pam_ldap, nss_ldap on solaris 6
Next by Date: Database
Index(es):
- Chronological
- Thread