Hi, I am using sssd with out a domain join. So I am using a binding account which is working fine.
I use our root CA to encrypt the communication to use ldaps over port 636. I found this FAQ https://docs.pagure.org/SSSD.sssd/users/faq.html (refering to the Authentication fails against LDAP section) Do I understand correctly that the communication is encrypted over TLS when I dont use ldaps?When this is the case I would not need the root ca certificate and can avoid the problem in running into an expiring certificate? Just for my understanding.. How is the TLS encryption to the DC possible if I don't have a certificate? When I dont use ldaps is every communication encrypted or only the transmission of the users password? What would speak for a ssl encryption over 636 if ldap over 389 is encrypted aswell with out certificate? Thank you and have a nice day!
_______________________________________________ sssd-users mailing list -- sssd-users@lists.fedorahosted.org To unsubscribe send an email to sssd-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org
