[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Force client to use TLS

To: Buchan Milne <bgmilne@staff.telkomsa.net>
Subject: Re: Force client to use TLS
From: Atom Powers <apowers@digipen.edu>
Date: Thu, 29 Jun 2006 08:25:19 -0700
Cc: aubert@iut-bm.univ-fcomte.fr, openldap-software@OpenLDAP.org
In-reply-to: <200606291520.40692.bgmilne@staff.telkomsa.net>
References: <20060628220800.nbkvgnvpvipcs0w4@webmail2.iut-bm.univ-fcomte.fr> <200606291520.40692.bgmilne@staff.telkomsa.net>
User-agent: Thunderbird 1.5.0.4 (Windows/20060516)

Buchan Milne wrote:

On Wednesday 28 June 2006 22:08, aubert@iut-bm.univ-fcomte.fr wrote:

Hello.

I would like to know if it is possible with OpenLDAP to force user to
use TLS ? I know that I can create a certificate for each user and
configure OpenLDAP to perform checks on client certificates for an
incoming TLS session. First, it obliges to generate a certificate for
each user, what I do not want to do. Second, it is only if a TLS
session is initiated. What happened if the client does not start a TLS
session ?


How about just:

security ssf=128


Or: security tls=1

--
Perfection is just a word I use occasionally with mustard.
--Atom Powers--
Systems Administrator
DigiPen Institute of Technology
(425) 895-4443

Follow-Ups:
- Re: Force client to use TLS
  - From: aubert@iut-bm.univ-fcomte.fr

References:
- Force client to use TLS
  - From: aubert@iut-bm.univ-fcomte.fr
- Re: Force client to use TLS
  - From: Buchan Milne <bgmilne@staff.telkomsa.net>

Prev by Date: Re: Problem with searches transgressing suffixmassage-d suffix
Next by Date: Re: Problem with searches transgressing suffixmassage-d suffix
Index(es):
- Chronological
- Thread