[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS/SSL problems

To: Matthew Hardin <mhardin@symas.com>
Subject: Re: TLS/SSL problems
From: Craig <craig5@pobox.com>
Date: Tue, 29 May 2007 18:00:50 -0700
Cc: openldap-software@openldap.org
In-reply-to: <00e701c79d2e$80504870$01fea8c0@symas.net>
References: <00e701c79d2e$80504870$01fea8c0@symas.net>
User-agent: Thunderbird 2.0.0.0 (X11/20070326)

Matthew Hardin wrote:

Craig said:
[...]
I know about the "-x" option. But, once that happens, it looks like the
passwords are sent in clear text. (I did some packet traces and that's
what it looks like to me.)
That would only happen because an SSL or TLS connection is not being established. See slapd.conf(5) and ldap.conf(5) for information on forcing OpenLDAP to use SSL or TLS connections.
Using ldapsearch -d 7 -x -D <yourdn> -w <yourpassword> ... will show you if
a successful SSL handshake is taking place. If it is not, then there will be
no encryption.

It looks like there is NO encryption. But, I'm not really sure what I am looking for...

date. You will probably have better luck on this list (and ultimately with
the software itself) if you upgrade to a current version of OpenLDAP. There

I compiled and installed 2.3.35, so, that's one less thing to worry about. :)

I just got the new version running, so I haven't tweaked anything yet. I just thought I'd see if you had any more ideas...

TIA

References:
- RE: TLS/SSL problems
  - From: "Matthew Hardin" <mhardin@symas.com>

Prev by Date: Re: ldap_sasl_interactive_bind_s
Next by Date: retrieve referral hosts after ldap_modify_s()
Index(es):
- Chronological
- Thread