[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS/SSL possible startup bug in slapd

To: monty@caldera.com
Subject: Re: TLS/SSL possible startup bug in slapd
From: Luke Howard <lukeh@PADL.COM>
Date: Sun, 28 Jan 2001 18:30:56 +1100
Cc: kurt@OpenLDAP.org, monty@caldera.com, openldap-devel@OpenLDAP.org
Organization: PADL Software Pty Ltd
References: <20010123105916.A5301@kyle.calderalabs.com> <5.0.2.1.0.20010123110547.00a6d0d0@router.boolean.net> <20010123125711.C5301@kyle.calderalabs.com>
Versions: dmail (bsd44) 2.2g/makemail 2.9a

>> But with Start TLS support.
>
>I guess the question here is, should users be allowed to toggle between TLS
>and non-TLS easily:
>
># slapd -h "ldap:/// ldaps:///"
>Enter PEM pass phrase:
># killall slapd
># slapd -h "ldap:///";
>          <-- There should not be a pw prompt here but there always is.
>#

I think you are confusing StartTLS support with ldaps:///
(LDAP over SSL/TLS, with a dedicated port).

As Kurt poitned out, StartTLS _is_ available when you start
with slapd -h "ldap:///";. Thus, the prompt is in fact correct.


-- Luke

--
Luke Howard | lukeh@padl.com
PADL Software | www.padl.com

References:
- TLS/SSL possible startup bug in slapd
  - From: Monty Charlton <monty@caldera.com>
- Re: TLS/SSL possible startup bug in slapd
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- Re: TLS/SSL possible startup bug in slapd
  - From: Monty Charlton <monty@caldera.com>

Prev by Date: Patches for 2.0.7 (need testers - Tru64 UNIX, HP-UX)
Next by Date: contributing
Index(es):
- Chronological
- Thread