On Fri, Jul 11, 2008 at 8:34 AM, Jochem van Dieten <[EMAIL PROTECTED]> wrote:
> I am trying to figure out the best way to connect a CF 8.01 application > to a Win2003 AD over secure LDAP. I have no need for client certificates > (no authentication, just confidentiality and integrity protection). > Unfortunately it appears as if the LDAP server will only accept SSLv3 > and TLSv1 and CF can at best use SSLv2. For a quick test I tunneled the > cfldap traffic over an stunnel connection (http://stunnel.org/) without > client certificates and that worked fine, but I would rather not depend > on that in a production environment. > > Any recommendations for an LDAP library that can do SSLv3 or a way to > downgrade MS AD to accept SSLv2? > Coldfusion has always lagged behind in secure connections to LDAP, so we ran an stunnel on a fairly trafficked site for about four years with no issue. Obviously, you have to aware of changes to stunnel when you run operating system updates, but otherwise stunnel is rock solid. speeves ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;203748912;27390454;j Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:308929 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
