[Date Prev][Date Next]
Re: Require use of SSL..
"adp" <firstname.lastname@example.org> writes:
> I have been studying 'require' for slapd, but it doesn't appear to do what I
> want. Hopefully someone can help here. I want to force all connections to be
> over SSL. Is there an easy way to do this? I know that OpenLDAP supports
> both ldaps (just ldap over SSL on port 636 from what I can see) and StartTLS
> (port 389). What I can't see is how to enforce the use of StartTLS. Also, is
> there any reason why this would be a bad idea? We are using LDAP mostly to
> auth user logins (not yet actually).
To enforce start_tls just edit ldap.conf and ~/.ldaprc.
See part TLS OPTIONS in man ldap.conf(5)
Dieter Kluenter | Systemberatung
Tel:040.64861967 | Fax: 040.64891521