[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Force client to use TLS



On Thursday 29 June 2006 17:25, Atom Powers wrote:
> Buchan Milne wrote:
> > On Wednesday 28 June 2006 22:08, aubert@iut-bm.univ-fcomte.fr wrote:
> >> Hello.
> >>
> >> I would like to know if it is possible with OpenLDAP to force user to
> >> use TLS ? I know that I can create a certificate for each user and
> >> configure OpenLDAP to perform checks on client certificates for an
> >> incoming TLS session. First, it obliges to generate a certificate for
> >> each user, what I do not want to do. Second, it is only if a TLS
> >> session is initiated. What happened if the client does not start a TLS
> >> session ?
> >
> > How about just:
> >
> > security ssf=128
>
> Or: security tls=1
What if I want to force TLS except on the loopback interface?

Regards,
Thierry.