[ https://issues.apache.org/jira/browse/DIRSTUDIO-1219?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17353933#comment-17353933 ]
Stefan Seelmann commented on DIRSTUDIO-1219: -------------------------------------------- Wow, that's correct. Why did we ignore this issue so long? When using SASL authentication StartTLS is not activated and the connections remains unencrypted, even if usage of StartTLS is configured! > Directory Studio doesn't StartTLS before authenticating > ------------------------------------------------------- > > Key: DIRSTUDIO-1219 > URL: https://issues.apache.org/jira/browse/DIRSTUDIO-1219 > Project: Directory Studio > Issue Type: Bug > Components: studio-connection > Environment: Apache Directory Studio is running on Mac OS 10.14 with > jdk1.8.0_201. > Reporter: Hugh Cole-Baker > Priority: Major > > There is an issue connecting to an OpenLDAP server configured with > olcSaslSecProps: noplain,noanonymous,minssf=1 > i.e. The server requires some form of transport encryption. I have chosen > StartTLS and SASL GSSAPI authentication, but Directory Studio doesn't > actually do StartTLS before binding - I can see this by looking at the > network traffic using Wireshark. I would have expected it to start TLS before > attempting to bind. -- This message was sent by Atlassian Jira (v8.3.4#803005) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@directory.apache.org For additional commands, e-mail: dev-h...@directory.apache.org