Okay, I've enabled TLS/SSL in slapd and if I call ldapsearch -ZZ, it works, so I must have it working. I realize this question might be better asked elsewhere...several elsewheres in fact, but I'm asking here because the question is triggered by use of openldap and those who use the other pieces of software are almost certainly also on this list. How do tell all my client side software to use TLS? I use nss_ldap. I have my own perl scripts that user perl-ldap. I have qmail-ldap. I also have replicas. Does the replica operation already attempt TLS? A list of answers to these questions might be worth putting the the FAQ. Also, it might be nice if the usage of TLS were logged somewhere so I could tell if various packages are using it or not. Chris -- Chris Garrigues http://www.DeepEddy.Com/~cwg/ virCIO http://www.virCIO.Com 4314 Avenue C Austin, TX 78751-3709 +1 512 374 0500 My email address is an experiment in SPAM elimination. For an explanation of what we're doing, see http://www.DeepEddy.Com/tms.html Nobody ever got fired for buying Microsoft, but they could get fired for relying on Microsoft.
Description: PGP signature