[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS/SSL problems

Matthew Hardin wrote:
Craig said:
I know about the "-x" option. But, once that happens, it looks like the
passwords are sent in clear text. (I did some packet traces and that's
what it looks like to me.)

That would only happen because an SSL or TLS connection is not being
established. See slapd.conf(5) and ldap.conf(5) for information on forcing
OpenLDAP to use SSL or TLS connections.

Using ldapsearch -d 7 -x -D <yourdn> -w <yourpassword> ... will show you if
a successful SSL handshake is taking place. If it is not, then there will be
no encryption.

It looks like there is NO encryption. But, I'm not really sure what I am looking for...

date. You will probably have better luck on this list (and ultimately with
the software itself) if you upgrade to a current version of OpenLDAP. There

I compiled and installed 2.3.35, so, that's one less thing to worry about. :)

I just got the new version running, so I haven't tweaked anything yet. I just thought I'd see if you had any more ideas...