> I would like to require that *only* SSL/TLS connections be
allowed to
> my server. This is not to be confused with wanting SSL client
> authentication. I had initially thought I could do this with ACI
> using the authmethod="ssl", however after looking at the
> documentation closely and experimentation this refers to do client
> based SSL authentication as well. I do have SSL/TLS set up
> correctly, I just want to disallow non-encrypted traffic.
This is interesting. I swear that we had a 'transport security type' aci
las type.
I remember talking about it as if it existed many times. However, when I
look at the code I see that you are correct : the 'authmethod' thing is
really
looking for SASL_EXTERNAL/SSL authentication, and not SSL used
as transport.
Something for the todo list perhaps would be to add transport type:
encrypted or not and so on.