[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS issue with SLES11

On Saturday, 27 August 2011 12:23:38 pradyumna dash wrote:
> Hi,
> I want to achieve ldaps, that means all the communication should use 636
> port,

You had done the configuration to *allow* encrypted communication.

> i have changed the parameters in the /etc/openldap/sysconfig file,
> but no luck.

Well, I don't know which of the following two you are trying to achieve:

1)Force all communication to be to a process listening on port 636
2)Force all communication to be via ldaps:///
3)Force all communication to be encrypted to a specific strength

Note that (1) may not achieve (3), and (2) might prevent clients that are 
capable of achieving (3) but not (2) from working.

Most likely you want to look at the 'security' statement covered in 
slapd.conf(5) to achieve (3).