At 03:44 PM 1/21/2007, Jean-Yves Avenard wrote: >On 1/22/07, Kurt D. Zeilenga <[EMAIL PROTECTED]> wrote: >>Given other clients seem to work well using ldaps://, >>it seems more likely that this particular client is >>not properly configured or is otherwise flawed. > >Unfortunately, I have no play on how to configure this client as this >is one major one !
You might ask on a list supporting the particular client you are using how to configure this client to secure LDAP with TLS (SSL). >Actually, two quite common do not work with OpenLDAP over SSL :( >But they will work fine over a non encrypted link > >>I guess that the client is configured to use ldap://server:636 >>not ldaps://server:636. >That was my guess also. >I there anything I can do on the server side to get over the flaw of >broken clients ? If the client doesn't support securing LDAP with TLS (SSL), either by using ldaps:// or by using ldap:// with Start TLS, there is nothing the server can do to change that. You can configure the server to support ldap:// on port 636 instead of ldaps:// if you want, but I don't recommend doing so. Kurt
