[email protected] wrote: > Full_Name: Michael Keller > Version: 2.4.20 > OS: SLES 11 SP1 > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (95.131.98.154) > > > I have configured slapd to accept only TLS connections with: > > security ssf=1 update_ssf=112 simple_bind=64 > > A ldapsearch -x returns correctly a > "# search result > search: 2 > result: 13 Confidentiality required > text: confidentiality required" > > When using TLS_REQCERT=demand a > ldapsearch -x -Z still returns results, even if a bad certificate comes from > the > server. See debug output below. > ldapsearch -x -Z
Works as designed. Read the description for the -Z flag again. Closing this ITS. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
