[Date Prev][Date Next]
Re: Forcing start_tls on client connections?
If you search the mailing list archives, you'll find I asked a similar
I believe the recommended solution to this is to use the directive:
in slapd.conf, where <#> should be replaced with the "strength" of the
cryptography being used, e.g. 128 . This takes the same type of
argument as the security ssf directive.
According to the FAQ on openldap.org , ldaps:// is deprecated in favor
of TLS on the standard ldap port.
--- Gavin Henry <firstname.lastname@example.org> wrote:
> Dear List,
> If running on the started 389 port, is it possible to only allow TLS
> Or is the better way to switch off port 389 and only listen on
> ldaps:/// ??
Start your day with Yahoo! - make it your home page