[Date Prev][Date Next]
Re: Help with openldap and starttls
--On Thursday, April 15, 2010 3:55 PM -0700 john espiro
Ok - this is actually very helpful...
So I think I have just one set of remaining questions:
1) In /etc/openldap/ldap.conf, I currently have:
This says the clients should default to using the ldapi:/// socket.
Compare that to the options you are providing to slapd, to see if you think
this will work.
2) what command line parameters do I want to run openldap with?
Currently mine is running with:
/usr/sbin/slapd -u ldap -h ldap://127.0.0.1:389 ldaps://127.0.0.1:636
It seems I should at least be removing the *:636 part since it will be
using STARTTLS, correct?
It's up to you. Some old pieces of software don't support startTLS. Some
poorly written modern pieces of software don't support it either.
Principal Software Engineer
Zimbra :: the leader in open source messaging and collaboration