[Date Prev][Date Next]
Re: Force StartTLS on port 389
--On Wednesday, November 17, 2004 6:22 PM +0100 Fabio Spelta
I'm wondering if it's possible to configure slapd forcing it to listen
only to the 389 port (that should be easy, by running ithe daemon with
the adequate -h option) *and* accepting *only* TLS cyphered traffic, both
for authentication and for all the queries and their result. I searched
both the list archives and the FAQ-O-Matiq without founding the answer.
Thank you very much - this list supplies very well to the lack of
documentation about the topic.
Read about "ssf" settings in ACL's. This allows you to enforce sessions to
have an adequate security factor before you'll do anything with them.
Principal Software Developer
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html