[Date Prev][Date Next]
Antw: Re: Q: TLS support
>>> Quanah Gibson-Mount <email@example.com> schrieb am 16.07.2013 um 18:08 in
> --On Tuesday, July 16, 2013 8:17 AM +0200 Ulrich Windl
> <Ulrich.Windl@rz.uni-regensburg.de> wrote:
>> I have some questions on TLS support in OpenLDAP:
>> 1) How can I find out which cipher suite had been configured (when using
>> the distribution-supplied version)? From ldd I guess my slapd is using
> If specific cipher suites have been configured, it would be in the slapd
> configuration. Otherwise, they'll be negotiated.
The question was: (How) can (if at all) I find out what cipher suite was compiled (linked with) into slapd?
>> 2) Is the restriction ("This directive is not supported when using
>> GnuTLS.") on TLSCACertificatePath and GunTLS still effective? I'd like to
>> use it, but I'm unsure what the cipher suite is.
> Why would you want to use an inferior and insecure TLS implementation?
I don't want to use GnuTLS; I wonder whether I can safely use the more flexible TLSCACertificatePath instead of a CA bundle file.
> Quanah Gibson-Mount
> Lead Engineer
> Zimbra, Inc
> Zimbra :: the leader in open source messaging and collaboration