[Fedora-directory-users] Requiring TLS/SSL communication
Richard Megginson
rmeggins at redhat.com
Fri May 4 14:50:21 UTC 2007
ashley wrote:
>
> It depends on your distribution but pretty much all the same as I
> found it you have to edit ldap.conf but you may have to do a little
> bit of fiddling before you can get it working.
>
> Anyways I've got this also documented on my web site
>
> http://www.csse.uwa.edu.au/~ashley/
>
> Look at LDAP Fedora Directory Server HOWTO with SSL & NOSSL for Unix/
> Linux / MacOSX / Windows Client Binding document.
>
> Look at section 3.3 Binding Linux/Unix Machines to LDAPs.
>
> I've did this last year and should still be applicable.
Thanks Ashley.
Another trick you can use on the server side is to just shut off the
non-secure port by using a value of 0 for cn=config nsslapd-port. Then
the server will only listen for LDAPS requests.
>
> Regards Ashley
>
>
> On Thu, 3 May 2007, Eric Brown wrote:
>
>> I have got SSL set up and working, but I have not figured out how I
>> can require that users only connect through a secure connection (SSL
>> or TLS) and deny access to cleartext communication.
>>
>> I was able to do this with OpenLDAP, but it was done in the slapd.conf
>> file. I have not found any documentation on how to set it up or if it
>> is even possible with FDS.
>>
>> Is there any doc or does anyone have any information on how to do this?
>>
>> Thanks
>> Eric
>>
>> --
>> Fedora-directory-users mailing list
>> Fedora-directory-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>
>>
>> !DSPAM:272,4639f614145012118015795!
>>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20070504/2a5990d2/attachment.bin>
More information about the Fedora-directory-users
mailing list