On 07/07/2010 11:17 AM, Cedric Jeanneret wrote:
> Hello,
> I'm trying to configure an openldap with TLS so that all connections are
> encrypted.
> Here's the relevant part of my slapd.conf:
> TLSCipherSuite HIGH:MEDIUM:+SSLv3
> TLSVerifyClient never
> TLSCertificateFile /etc/ldap/ssl/server.crt
> TLSCertificateKeyFile /etc/ldap/ssl/server.key
> Here's my ldap.conf:
> URI ldaps://my.server.ltd
> BASE dc=my,dc=server,dc=ltd
> LDAP_VERSION 3
> #SIZELIMIT 12
> #TIMELIMIT 15
> #DEREF never
> ssl start_tls
> ssl on
> TLS_CIPHER_SUITE HIGH:MEDIUM:+SSLv3

Add
TLS_REQCERT allow
to your ldap.conf. See the ldap.conf man page for more information.
Regards,
Hugo Monteiro.
--
fct.unl.pt:~# cat .signature
Hugo Monteiro
Email : [email protected]
Telefone : +351 212948300 Ext.15307
Web : http://hmonteiro.net
Divisão de Informática
Faculdade de Ciências e Tecnologia da
Universidade Nova de Lisboa
Quinta da Torre 2829-516 Caparica Portugal
Telefone: +351 212948596 Fax: +351 212948548
www.fct.unl.pt [email protected]
fct.unl.pt:~# _
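
What each `TLS_REQCERT` level in ldap.conf(5) means for a client file like the one in this thread, as an added example that is not part of the original messages. The function names are hypothetical, the sample file is constructed from the options quoted above, and treating the last `TLS_REQCERT` line as the effective one is an assumption.

```shell
#!/bin/sh
# Added example: classify the certificate checking an OpenLDAP client config asks for.
# Level semantics follow ldap.conf(5); "last occurrence wins" is an assumption.

# Print the effective TLS_REQCERT level of file $1 (library default: demand).
reqcert_level() {
    awk '
        /^[ \t]*#/ { next }                      # skip comment lines
        toupper($1) == "TLS_REQCERT" && NF >= 2 { level = tolower($2) }
        END { if (level == "") level = "demand"; print level }
    ' "$1"
}

# Succeed if file $1 names a CA file or directory to verify the server against.
has_trust_anchor() {
    awk 'toupper($1) ~ /^TLS_CACERT(DIR)?$/ && NF >= 2 { found = 1 }
         END { exit !found }' "$1"
}

# Print a one-line verdict, plus a note when no trust anchor is configured here.
reqcert_verdict() {
    case "$(reqcert_level "$1")" in
        never)       echo "unverified: no server certificate is requested or checked" ;;
        allow)       echo "unverified: a bad server certificate is ignored" ;;
        try)         echo "partial: a bad certificate ends the session, a missing one does not" ;;
        demand|hard) echo "verified: a valid server certificate is required" ;;
        *)           echo "unknown TLS_REQCERT level" ;;
    esac
    has_trust_anchor "$1" || echo "note: no TLS_CACERT or TLS_CACERTDIR in this file"
}

# Constructed sample: the thread's ldap.conf options plus the suggested line.
sample=$(mktemp)
cat > "$sample" <<'EOF'
URI ldaps://my.server.ltd
BASE dc=my,dc=server,dc=ltd
#DEREF never
TLS_CIPHER_SUITE HIGH:MEDIUM:+SSLv3
TLS_REQCERT allow
EOF
reqcert_verdict "$sample"
rm -f "$sample"
```

With `allow` the connection is encrypted but the server's identity is not checked; `demand` only succeeds once `TLS_CACERT` or `TLS_CACERTDIR` points at the CA that issued the server certificate.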