
Re: Require use of SSL..


"adp" <dap99@i-55.com> writes:

> I have been studying 'require' for slapd, but it doesn't appear to do what I
> want. Hopefully someone can help here. I want to force all connections to be
> over SSL. Is there an easy way to do this? I know that OpenLDAP supports
> both ldaps (just ldap over SSL on port 636 from what I can see) and StartTLS
> (port 389). What I can't see is how to enforce the use of StartTLS. Also, is
> there any reason why this would be a bad idea? We are using LDAP mostly to
> auth user logins (not yet actually).

To enforce start_tls, just edit ldap.conf and ~/.ldaprc.
See the TLS OPTIONS part of man ldap.conf(5).


Dieter Kluenter  | Systemberatung
Tel:040.64861967 | Fax: 040.64891521
mailto: dkluenter(at)dkluenter.de