Hi Kevin,

As I said earlier, startTLS uses the ldap:/// protocol instead of ldaps:///, that's why I use LDAP:/// in the Knox configuration.

Regards,
Aneela Saleem

On Jul 20, 2015 8:08 PM, "Kevin Minder" <[email protected]> wrote:

> Hi Aneela,
>
> To be totally honest with you, I'm not certain. My concern is that since
> your configuration uses "ldap://" that the connection is somehow falling
> back to a non-secure protocol. Is there a specific reason you haven't
> changed your Knox configuration to "ldaps://"?
>
> Kevin.
>
> From: Aneela Saleem
> Reply-To: "[email protected]"
> Date: Wednesday, July 15, 2015 at 3:40 PM
> To: "[email protected]"
> Subject: Knox - LDAP authentication over startTLS
>
> Hi all,
>
> I have implemented LDAP with startTLS, which refers to an existing LDAP
> session (listening on TCP port 389) becoming protected by TLS/SSL, instead
> of *ldaps:///* listening on port 636.
>
> So does Knox still consider it an SSL-secured LDAP connection, even though I
> have given the LDAP service value as *ldap://localhost*?
