On Sun, Aug 22, 2010 at 08:58:35PM +1100, Winston Smith wrote:
> The ldap_table(5) man page states a parameter 'tls_key' which is confusing.
This is a client private key.
> Reading a bit more, there is a parameter 'tls_cert'
> which shall point to a 'client certificate'.
This is a client cert.
> If that's the case, how can I turn this off?
Leave these empty, which is the default. Don't configure your LDAP server
to request/require client certs.
> The man page says this parameter is mandatory,
No, it is not mandatory, rather you must set it, *if* you want a client
cert, there is no default client cert.
--
Viktor.
