[Date Prev][Date Next]
Re: Force client to use TLS
On Thursday 29 June 2006 17:25, Atom Powers wrote:
> Buchan Milne wrote:
> > On Wednesday 28 June 2006 22:08, email@example.com wrote:
> >> Hello.
> >> I would like to know if it is possible with OpenLDAP to force user to
> >> use TLS ? I know that I can create a certificate for each user and
> >> configure OpenLDAP to perform checks on client certificates for an
> >> incoming TLS session. First, it obliges to generate a certificate for
> >> each user, what I do not want to do. Second, it is only if a TLS
> >> session is initiated. What happened if the client does not start a TLS
> >> session ?
> > How about just:
> > security ssf=128
> Or: security tls=1
What if I want to force TLS except on the loopback interface?