Re: Requiring TLS/SSL communication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 
Yes I thought about that, but I'm supporting some legacy Linux/Unix system which I provide LDAP/NIS auth from the Directory Server.
I don't really want to break things, I'm just phasing things out gradually. 

					Cheers then, Ashley


On Fri, 4 May 2007, Richard Megginson wrote:


ashley wrote:
It depends on your distribution but pretty much all the same as I found it you have to edit ldap.conf but you may have to do a little bit of fiddling before you can get it working. 

Anyways I've got this also documented on my web site

http://www.csse.uwa.edu.au/~ashley/
Look at LDAP Fedora Directory Server HOWTO with SSL & NOSSL for Unix/ Linux / MacOSX / Windows Client Binding document. 

Look at section 3.3 Binding Linux/Unix Machines to LDAPs.

I've did this last year and should still be applicable.

Thanks Ashley.
Another trick you can use on the server side is to just shut off the non-secure port by using a value of 0 for cn=config nsslapd-port. Then the server will only listen for LDAPS requests. 

                    Regards Ashley


On Thu, 3 May 2007, Eric Brown wrote:


I have got SSL set up and working, but I have not figured out how I
can require that users only connect through a secure connection (SSL
or TLS) and deny access to cleartext communication.

I was able to do this with OpenLDAP, but it was done in the slapd.conf
file. I have not found any documentation on how to set it up or if it
is even possible with FDS.

Is there any doc or does anyone have any information on how to do this?

Thanks
Eric

--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users


!DSPAM:272,4639f614145012118015795!






!DSPAM:272,463b48cc91651926681497!



--
Ashley Chew - Systems Administrator
School of Computer Science and Software Engineering
University of Western Australia
Tel: (+61 8) 6488 7082 - Fax: (+61 8) 6488 1089
Ashley[@]csse.uwa.edu.au - http://www.csse.uwa.edu.au/~ashley

"There is no such thing as Fate, Fate is what you make of it!"

--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
[Index of Archives]     [Fedora Directory Users]     [Fedora Directory Devel]     [Fedora Announce]     [Fedora Legacy Announce]     [Kernel]     [Fedora Legacy]     [Share Photos]     [Fedora Desktop]     [PAM]     [Red Hat Watch]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite News]

  Powered by Linux