[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS-based authentication?

To: openldap-software@OpenLDAP.org
Subject: Re: TLS-based authentication?
From: Dieter Kluenter <dieter@dkluenter.de>
Date: Thu, 26 Jun 2003 21:53:14 +0200
In-reply-to: <20030626161744.GX20969@ns.snowman.net> (Stephen Frost's message of "Thu, 26 Jun 2003 12:17:44 -0400")
References: <20030626161744.GX20969@ns.snowman.net>
User-agent: Gnus/5.1001 (Gnus v5.10.1) XEmacs/21.4 (Portable Code, linux)

Hi Stephen,

Stephen Frost <sfrost@snowman.net> writes:

> Hey all,
>
>   Any of you folks using TLS-based authentication?  Where you're
>   actually using TLS to perform your authentication to slapd?  (Not just
>   encryption and whanot).
>
>   The reason I ask is that it would be difficult to support that using
>   GNU TLS in place of OpenSSL and we're wondering how much interest
>   there is for it.

I presume you are referring to SASL EXTERNAL mechanism, using X.509
certificates to authenticate against a directory server.
Yes, I do use X.509 certificates generated by openssl.

-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.--.-- 
dieter@marin:~> ldapwhoami -Y EXTERNAL -ZZ
SASL/EXTERNAL authentication started
SASL username: CN=Dieter Kluenter,OU=partner,O=avci,C=de
SASL SSF: 0
dn:cn=dieter kluenter,ou=partner,o=avci,c=de
.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.---.-.--

Are you looking for something like the above?

-Dieter
-- 
Dieter Kluenter  | Systemberatung
Tel:040.64861967 | Fax: 040.64891521
mailto: dkluenter@schevolution.com
http://www.schevolution.com/tour

References:
- TLS-based authentication?
  - From: Stephen Frost <sfrost@snowman.net>

Prev by Date: RE: Last attempt at TLS/SSL
Next by Date: RE: Last attempt at TLS/SSL
Index(es):
- Chronological
- Thread