[Date Prev][Date Next]
Re: ldapi security level?
man, 05.07.2004 kl. 21.12 skrev Kurt D. Zeilenga:
> So, maybe, some don't consider ldapi:// to be "more secure"
> than TLS with a "strong" TLS cipher. I find myself using
> TLS (with strong ciphers) over ldapi://. I don't find
> that all that strange.
Not often I'm taken aback, but ... How on earth do you do this? With
2.2.x on 2 different rigs (ldap.conf has 'uri
ldapi://%2fusr%2flocal%2fvar%2fslapd%2fldapi/'), I get:
1134 [root:billy.demon.nl] /etc/postfix/maps # ldapsearch -ZZ -x
ldap_start_tls: Connect error (-11)
additional info: TLS: hostname does not match CN in peer
More important, perhaps: Why would you want to?
Happiness is having your cat jump in through the window and
greet you, with the light summer dew yet a few seconds wet
on his coat.