[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Simple question: ldaps:/// or ldaps://?

> Hi,
> I use SSL/TLS to secure my Openldap Communication. Therefor I started 
> slapd with:
> /usr/local/openldap/libexec/slapd -h "ldaps:/// ldap:///"; -f 
> /usr/local&openldap/etc/openldap/slapd.conf
> like described in the FAQ. In general this works all right, but as I 
> found out some client programms (like GQ) can't connect with the 

I don't know about GQ, but OpenLDAP clients expect a 
<hostname>[:<portnumber>], e.g. "localhost:389" for the -h switch;
to use the URI form you need the -H switch: "-H ldap:///";

> Ldapserver, if I started the slapd like this.
> But with
> ..... -h "ldaps:// ldap://"; .....
> seems to work better. Are there any disadvantages in using this? What is 
> the main difference between these two ways to start slapd?

RFC 2255 allows URLs to have two '/' only, e.g.
ldap:// and ldap:/// should be equivalent.