
Re: Force client to use TLS

On Wed, Jun 28, 2006 at 10:08:00PM +0200, aubert@iut-bm.univ-fcomte.fr wrote:
> Hello.
> I would like to know if it is possible with OpenLDAP to force users to use TLS? I know 
> that I can create a certificate for each user and configure OpenLDAP to perform checks 
> on client certificates for an incoming TLS session. First, it obliges me to generate a 
> certificate for each user, which I do not want to do. Second, it is only if a TLS 
> session is initiated. What happens if the client does not start a TLS session?

You can use the
security 128
string in slapd.conf to force the client to use TLS.

Dmitriy Kirhlarov
OILspace, 26 Leninskaya sloboda, bld. 2, 2nd floor, 115280 Moscow, Russia
P:+7 495 105 7247 ext.203 F:+7 495 105 7246 E:DmitriyKirhlarov@oilspace.com
OILspace - The resource enriched - www.oilspace.com
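
Added example (not part of the original message and not OpenLDAP code): a small Python audit that reads slapd.conf text and reports every scope whose required ssf/tls strength is below a minimum. It assumes the name=value factor syntax of slapd.conf(5); the function names, the default of 128 and the sample configuration are constructed for illustration.

```python
import re

# Factor names of the "security" directive as listed in slapd.conf(5).
FACTORS = {"ssf", "transport", "tls", "sasl", "simple_bind", "update_ssf",
           "update_transport", "update_tls", "update_sasl"}

def logical_lines(text):
    """Unwrap continuation lines (leading whitespace), then drop comments."""
    joined = []
    for raw in text.splitlines():
        if not raw.strip():
            continue
        if raw[0].isspace() and joined:
            joined[-1] += " " + raw.strip()
        else:
            joined.append(raw.strip())
    return [line for line in joined if not line.startswith("#")]

def audit(text, minimum=128):
    """Return findings for scopes whose ssf/tls requirement is below minimum."""
    scopes, findings, scope = {"global": {}}, [], "global"
    for line in logical_lines(text):
        words = line.split()
        if words[0].lower() == "database" and len(words) > 1:
            scope = f"database {len(scopes)} ({words[1]})"
            scopes[scope] = {}
        elif words[0].lower() == "security":
            for tok in words[1:]:
                m = re.fullmatch(r"([a-z_]+)=(\d+)", tok.lower())
                if m and m.group(1) in FACTORS:
                    scopes[scope][m.group(1)] = int(m.group(2))
                else:
                    findings.append(f"{scope}: unrecognized factor '{tok}'")
    for name, factors in scopes.items():
        best = max(factors.get("ssf", 0), factors.get("tls", 0))
        # Assumption: a database with no ssf/tls factor relies on the global one.
        explicit = "ssf" in factors or "tls" in factors
        if best < minimum and (name == "global" or explicit):
            findings.append(f"{name}: ssf/tls requirement {best} < {minimum}")
    return findings

# Constructed sample configuration, not taken from the thread.
SAMPLE = """\
security ssf=128
database bdb
security ssf=56
  update_ssf=128
database monitor
"""
print(audit(SAMPLE))
```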