[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: How enforce TLS connection to openldap server only?

--On Wednesday, September 19, 2012 8:58 PM -0400 Yan Gong <yan@fabric.com> wrote:


I successfully set up TLS on both openldap server and client through port
389 on ubuntu.

I didn't use SSL through port 636.

However, I found non encrypted/clear text connections can be made through
port 389

to the openldap server as well.

How can I enforce TLS connection only and reject any non encrypted

Should I use olcAccess or olcSecurity? or both? I couldn't find any
detailed steps/documentation

olcSecurity would enforce encryption for any and all connections. Note that you have to restart slapd for it to take effect.



Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
Zimbra ::  the leader in open source messaging and collaboration