[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapi -> "Confidentiality required" problem

Dieter Kluenter wrote:
Gunnar Frenzel<Gunnar_Frenzel@web.de>  writes:


I've configured openldap (v2.4.16 on FreeBSD 7.2) to listen on ldaps
(with self signed certificate) as well as ldapi.
security ssf=128
Connecting to ldaps (port 636) with clients such as Thunderbird,
Apache Directory Studio works fine. But when I try to connect via
ldapi (port 389) from a webmail tool on the same server I always get
the error "Confidentiality required" from openldap. I want to connect
to ldapi (as it is local on the server) without TLS or other
encryption but openldap doesn't seem to allow that in my
configuration. I tried localSSF set to 0 which doesn't make any

The hard coded ssf for ldapi is 71, so you have to reduce security

Or set "localSSF 128" to match the requirement...

  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/