New to FDS/LDAP, doing a proof of concept, and I have FDS 1.0.4
installed with SSL enabled on the DS side and TLS enabled on an FC 6
client. In the LDAP config I have TLS_REQCERT required.

The question is: should LDAP traffic generated from the client to the
server pass on port 636 or port 389? I am seeing traffic that is
supposed to be encrypted passing on the regular LDAP port (389).

I am seeing what appears to be correct in the access logs during the
communication, indicating that the traffic is in fact encrypted.

[09/Nov/2006:18:50:10 -0600] conn=3 fd=65 slot=65 connection from 151.148.60.67 to 151.148.218.175
[09/Nov/2006:18:50:10 -0600] conn=3 op=0 EXT oid="1.3.6.1.4.1.1466.20037" name="startTLS"
[09/Nov/2006:18:50:10 -0600] conn=3 op=0 RESULT err=0 tag=120 nentries=0 etime=0
[09/Nov/2006:18:50:10 -0600] conn=3 SSL 256-bit AES
[09/Nov/2006:18:50:10 -0600] conn=3 op=1 BIND dn="" method=128 version=3
[09/Nov/2006:18:50:10 -0600] conn=3 op=1 RESULT err=0 tag=97 nentries=0 etime=0 dn=""
[09/Nov/2006:18:50:10 -0600] conn=3 op=2 SRCH base="ou=People,dc=example,dc=com" scope=2 filter="(uid=testuser)" attrs=ALL
[09/Nov/2006:18:50:10 -0600] conn=3 op=2 RESULT err=0 tag=101 nentries=1 etime=0
[09/Nov/2006:18:50:10 -0600] conn=3 op=3 UNBIND
[09/Nov/2006:18:50:10 -0600] conn=3 op=3 fd=65 closed - U1

Thanks,
Greg
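
An added example, not part of the original post and not Fedora Directory Server code: a Python check over access-log lines in the format shown above that flags connections which ran a BIND or SRCH before any "SSL" cipher line was logged. The OID 1.3.6.1.4.1.1466.20037 is the StartTLS extended operation, which upgrades a connection opened on the standard LDAP port; the sample log, its 192.0.2.x addresses and the function names are constructed for illustration.

```python
import re

# Constructed sample in the access-log format shown above: conn=3 upgrades with
# StartTLS before binding, conn=4 binds and searches with no TLS line at all.
SAMPLE_LOG = """\
[09/Nov/2006:18:50:10 -0600] conn=3 fd=65 slot=65 connection from 192.0.2.10 to 192.0.2.20
[09/Nov/2006:18:50:10 -0600] conn=3 op=0 EXT oid="1.3.6.1.4.1.1466.20037" name="startTLS"
[09/Nov/2006:18:50:10 -0600] conn=3 op=0 RESULT err=0 tag=120 nentries=0 etime=0
[09/Nov/2006:18:50:10 -0600] conn=3 SSL 256-bit AES
[09/Nov/2006:18:50:10 -0600] conn=3 op=1 BIND dn="" method=128 version=3
[09/Nov/2006:18:50:10 -0600] conn=3 op=2 SRCH base="ou=People,dc=example,dc=com" scope=2 filter="(uid=testuser)"
[09/Nov/2006:18:50:11 -0600] conn=4 fd=66 slot=66 connection from 192.0.2.11 to 192.0.2.20
[09/Nov/2006:18:50:11 -0600] conn=4 op=0 BIND dn="" method=128 version=3
[09/Nov/2006:18:50:11 -0600] conn=4 op=1 SRCH base="ou=People,dc=example,dc=com" scope=2 filter="(uid=testuser)"
"""

STARTTLS_OID = "1.3.6.1.4.1.1466.20037"
LINE_RE = re.compile(r"^\[[^\]]+\] conn=(\d+) (?:op=(\d+) )?(.*)$")
CHECKED_OPS = ("BIND", "SRCH")  # operation keywords that appear in the log above

def audit(log_text):
    """Return {conn: {"starttls", "cipher", "cleartext_ops"}} per connection."""
    conns = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that are not in the expected format
        conn, op, rest = int(m.group(1)), m.group(2), m.group(3)
        verb = rest.split(" ", 1)[0]
        state = conns.setdefault(conn, {"starttls": False, "cipher": None, "cleartext_ops": []})
        if op is None and verb == "SSL":
            state["cipher"] = rest[4:]        # e.g. "256-bit AES": TLS is now active
        elif op is not None and verb == "EXT" and STARTTLS_OID in rest:
            state["starttls"] = True          # client asked to upgrade this connection
        elif op is not None and verb in CHECKED_OPS and state["cipher"] is None:
            state["cleartext_ops"].append(f"op={op} {verb}")  # ran before any TLS line
    return conns

def unencrypted_connections(log_text):
    """Connection ids with at least one checked operation before any TLS line."""
    return sorted(c for c, s in audit(log_text).items() if s["cleartext_ops"])

if __name__ == "__main__":
    for conn, state in audit(SAMPLE_LOG).items():
        print(conn, state)
```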