[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: olcSecurity: tls=1 and olcLocalSSF= : what value should I use?
Hi,
* Quanah Gibson-Mount <quanah@symas.com> [20180906 14:36]:
> --On Thursday, September 06, 2018 1:40 PM -0400 Jean-Francois
> Malouin <Jean-Francois.Malouin@bic.mni.mcgill.ca> wrote:
>
> >I guess I need to modify either 'olcSecurity: tls=1' in the database
> >config or add/insert the proper value for 'olcLocalSSF=' in the
> >cn=config. What value should I use in order to still force StartTLS over
> >simple binding and allow read/write/modify local access on the ldapi:///
> >listener.
>
> Hello,
>
> Just set:
>
> olcSecurity: ssf=1
>
> that will allow either to work as *some* SSF level is then required.
>
> As long as you have tls=X, then it will always require TLS,
> regardless of what the LocalSSF setting is configured to be.
Thank you for the pointer!
jf
>
> --Quanah
>
>
> --
>
> Quanah Gibson-Mount
> Product Architect
> Symas Corporation
> Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
> <http://www.symas.com>