[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS issue with SLES11


Thanks for your valuable comments,

What i would like to configure is ldaps:// , I did it with RHAT distribution before, but dont know why its not working in SLES.
I am sure am doing something wrong.

I am just trying the steps once again, and will update you all.

But if you have any good URL for the above, please share.


On Mon, Aug 29, 2011 at 1:25 PM, Buchan Milne <bgmilne@staff.telkomsa.net> wrote:
On Saturday, 27 August 2011 12:23:38 pradyumna dash wrote:
> Hi,
> I want to achieve ldaps, that means all the communication should use 636
> port,

You had done the configuration to *allow* encrypted communication.

> i have changed the parameters in the /etc/openldap/sysconfig file,
> but no luck.

Well, I don't know which of the following two you are trying to achieve:

1)Force all communication to be to a process listening on port 636
2)Force all communication to be via ldaps:///
3)Force all communication to be encrypted to a specific strength

Note that (1) may not achieve (3), and (2) might prevent clients that are
capable of achieving (3) but not (2) from working.

Most likely you want to look at the 'security' statement covered in
slapd.conf(5) to achieve (3).