[Date Prev][Date Next]
Re: OpenLDAP issues when connecting over SSL
At 03:44 PM 1/21/2007, Jean-Yves Avenard wrote:
>On 1/22/07, Kurt D. Zeilenga <Kurt@openldap.org> wrote:
>>Given other clients seem to work well using ldaps://,
>>it seems more likely that this particular client is
>>not properly configured or is otherwise flawed.
>Unfortunately, I have no play on how to configure this client as this
>is one major one !
You might ask on a list supporting the particular client you
are using how to configure this client to secure LDAP with TLS
>Actually, two quite common do not work with OpenLDAP over SSL :(
>But they will work fine over a non encrypted link
>>I guess that the client is configured to use ldap://server:636
>That was my guess also.
>I there anything I can do on the server side to get over the flaw of
>broken clients ?
If the client doesn't support securing LDAP with TLS (SSL),
either by using ldaps:// or by using ldap:// with Start TLS,
there is nothing the server can do to change that. You
can configure the server to support ldap:// on port 636 instead
of ldaps:// if you want, but I don't recommend doing so.