Yeah, the transport must be there, but more importantly, it must be enabled.
I'm wondering if the lack of certificate in the configuration does not currently trigger auto-generation of a self-signed certificate in the current implementation. Any idea, guys? Regards, Pierre-Arnaud On 22 nov. 2010, at 16:49, Hammond, Steven wrote: > As long as both the transport and the certificate are available. Just having > the transport, still cannot do LDAPS without a certificate. Maybe it is > always there now, but it was not in 1.5.3. > > From: Emmanuel Lecharny [mailto:[email protected]] Sent: Monday, November > 22, 2010 7:55 AM > > On 11/22/10 3:37 PM, Pierre-Arnaud Marcelot wrote: >> Hi Emmanuel, >> >> On 22 nov. 2010, at 15:31, Emmanuel Lecharny wrote: >> >>>> WDYT ? >>> IMO, if the SSL transport is present, then LDAPS should be enabled. No need >>> for an extra flag. >> I agree with this (transport being present and enabled). >> >> But I propose we make this a consistent behavior all across the servers >> In that case, how about removing the 'ads-enable' attribute from the servers >> entries and look for the value in the transport ? > +1, if everybody agree, of course. > > > -- > Regards, > Cordialement, > Emmanuel Lécharny > www.iktek.com >
