[Date Prev][Date Next]
Re: Force client to use TLS
Kurt D. Zeilenga wrote:
At 12:28 PM 9/28/2006, Michael Häusler wrote:
In other words: Is there something I can put into ldap.conf, so
that I don't have to give the -Z switch to the commandline
utilities (e.g. a URI like ldap+tls://ldap.example.com)?
You can use an ldaps:// URI to enable use of LDAP over TLS, but there
here is no ldap.conf(5) option to enable use of the LDAP StartTLS
Thank you very much for your fast answer.
I am curious: is there a difference between StartTLS and LDAPS, that
makes such an ldap.conf(5) option difficult? It seems to me that
ldap.conf would be the natural place to configure the use of StartTLS.
Imho, since LDAPS is deprecated, there is a need for such an option.