[
https://issues.apache.org/jira/browse/DIRSTUDIO-1219?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17353933#comment-17353933
]
Stefan Seelmann commented on DIRSTUDIO-1219:
--------------------------------------------
Wow, that's correct. Why did we ignore this issue so long?
When using SASL authentication StartTLS is not activated and the connections
remains unencrypted, even if usage of StartTLS is configured!
> Directory Studio doesn't StartTLS before authenticating
> -------------------------------------------------------
>
> Key: DIRSTUDIO-1219
> URL: https://issues.apache.org/jira/browse/DIRSTUDIO-1219
> Project: Directory Studio
> Issue Type: Bug
> Components: studio-connection
> Environment: Apache Directory Studio is running on Mac OS 10.14 with
> jdk1.8.0_201.
> Reporter: Hugh Cole-Baker
> Priority: Major
>
> There is an issue connecting to an OpenLDAP server configured with
> olcSaslSecProps: noplain,noanonymous,minssf=1
> i.e. The server requires some form of transport encryption. I have chosen
> StartTLS and SASL GSSAPI authentication, but Directory Studio doesn't
> actually do StartTLS before binding - I can see this by looking at the
> network traffic using Wireshark. I would have expected it to start TLS before
> attempting to bind.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
