[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Q: different SSF settings for ldapi:// than for ldap:

Ulrich Windl wrote:
I've configured slapd to require excryption (confidentiality).

You did not post relevant configuration details.

connections via ldapi:// fail with "13 Confidentiality required". When
adding "-ZZ" for ldapsearch (e.g.), the connection fails, because the
certificate does not match ldapi:// (I asked about that before, but got no
answer). How can I configure slapd not to require confidentiality?

Obviously using TLS over ldapi:// does not make sense.

I have this in my config:

# SSF value for ldapi://
localSSF 256
# minimum required SSF value (security strength factor)
security ssf=128

See slapd.conf(5) for details.

Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature