Trying to confirm use of TLS...
When running slapd with ldap:/// and ldaps:///, I understand that it
is listening on ports 389 and 636. If my clients have /etc/ldap.conf
with an entry of 'ssl start_tls', I assume that means that my session
is encrypted (i.e. all data passed back and forth from client -> server
This being the case, I'm sure it is extremely critical to only allow
connections to slapd from trusted hosts, using TCP wrappers - correct?
If not, anybody can talk to my 389 port and therefore sniff.
I have tested with just ldaps:///, and it works, but I fear I can't
use slurpd/replication unless I use 389 - is that right?
Thanks for the info....
<>< ><> <>< ><> <>< ><> <>< ><> <>< ><> <><
Computer Science Department
voice : 978 934 3645
fax : 978 934 3551
cell : 603 930 5582 (emergencies only, please)