Re: Mysteries of openldap
- From: Craig White <craig@xxxxxxxxxxxxx>
- Date: Fri, 30 Nov 2007 15:12:32 -0700
On Fri, 2007-11-30 at 16:07 -0600, Anthony Messina wrote:
> On Friday 30 November 2007 03:59:15 pm Timothy Murphy wrote:
> > Craig White wrote:
> > > > I'm running openldap on my desktop,
> > > > and can access it fine from my laptop.
> > > > But I'd like to use TLS encryption
> > > > (as the desktop ldap is open to the world).
> > > > Unfortunately I find the openldap documentation
> > > > very difficult to follow.
> > > ...
> > > short answer, use ldaps - even though it is deprecated.
> >
> > Well, thanks very much for your response.
> > I'll try ldaps, as you suggest.
> > I couldn't tell, from the documentation,
> > what the difference is between ldap + TLS and ldaps,
> > except that they seem to use different ports.
>
> ldaps is ldap over ssl, port 636: this would be similar to using https://
> instead of http://
> ldap + tls is ldap using the start_tls mechanism, port 389

yes, more common these days to use URI than HOST designations.

uri ldaps://some.fqdn:636

similar to

uri ldap://some.fqdn:389
ssl start_tls

be sure that your self-signed certs, dns, system all use the same host
names

Craig
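
The two client settings discussed in this thread, and the host-name requirement, can be checked mechanically. The following is an added example, not part of the original post: it reads the `uri` and `ssl` lines quoted above, reports which transport they select, and flags a URI host that is not among the certificate's names. The `audit` and `name_matches` helpers, the warning texts and the certificate name list are assumptions made for illustration.

```python
from urllib.parse import urlparse

DEFAULT_PORT = {"ldap": 389, "ldaps": 636}

def name_matches(host, pattern):
    """Case-insensitive match; '*' may only stand for the left-most label."""
    host, pattern = host.lower().rstrip("."), pattern.lower().rstrip(".")
    if pattern.startswith("*."):
        return "." in host and host.split(".", 1)[1] == pattern[2:]
    return host == pattern

def audit(conf_text, cert_names):
    """Return (mode, warnings) from the 'uri' and 'ssl' lines of a client config."""
    uri, ssl_opt = None, None
    for raw in conf_text.splitlines():
        parts = raw.split("#", 1)[0].split()
        if len(parts) >= 2 and parts[0].lower() == "uri":
            uri = urlparse(parts[1])
        elif len(parts) >= 2 and parts[0].lower() == "ssl":
            ssl_opt = parts[1].lower()
    if uri is None or uri.scheme not in DEFAULT_PORT:
        return "unknown", ["no ldap:// or ldaps:// uri found"]
    host, port = uri.hostname or "", uri.port or DEFAULT_PORT[uri.scheme]
    warnings = []
    if uri.scheme == "ldaps":
        mode = "ldaps"       # TLS handshake first, LDAP inside it (like https://)
        if ssl_opt == "start_tls":
            warnings.append("ldaps:// already implies TLS; drop 'ssl start_tls'")
    elif ssl_opt == "start_tls":
        mode = "starttls"    # plain LDAP connection upgraded to TLS in-band
    else:
        mode = "cleartext"
        warnings.append("ldap:// without 'ssl start_tls' is unencrypted")
    if port != DEFAULT_PORT[uri.scheme]:
        warnings.append(f"{uri.scheme}:// on port {port}, usual port is {DEFAULT_PORT[uri.scheme]}")
    if mode != "cleartext" and not any(name_matches(host, n) for n in cert_names):
        warnings.append(f"'{host}' is not a name in the server certificate")
    return mode, warnings

if __name__ == "__main__":
    cert = ["some.fqdn"]  # constructed: names the server's certificate was issued for
    for conf in ("uri ldaps://some.fqdn:636\n",
                 "uri ldap://some.fqdn:389\nssl start_tls\n",
                 "uri ldap://some.fqdn:389\n",
                 "uri ldaps://desktop:636\n"):
        print(repr(conf), "->", audit(conf, cert))
```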