[Fedora-directory-users] pam_ldap with SSL/TLS

Richard Megginson rmeggins at redhat.com
Thu Nov 30 18:08:08 UTC 2006


Morris, Patrick wrote:
>> I am trying to set up pam_ldap to use TLS to communicate with 
>> the FDS, but having lots of problems doing so; it works if I 
>> use the unencrypted way but not if I use ldaps ( port 636 )
>>     
>
> Someone should jump in here and correct me if I'm wrong, but I believe
> it's normal for TLS connections to happen on the standard LDAP port.
> You should be able to tell from your logs whether the connection is
> encrypted or not.
>   
Yes.  The LDAP "preferred" way is to use the startTLS extended operation 
which starts a TLS session on the non-secure port.  This will be logged 
in the access log.
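Added example, not part of the original message and not code from the directory server project: a small checker that reads access log lines and reports, for each connection, whether its first BIND happened over LDAPS, after a successful startTLS, or in cleartext. The log lines are constructed and their layout is an assumption modelled on the server's access log; the function name `bind_transport` is hypothetical.

```python
import re

STARTTLS_OID = "1.3.6.1.4.1.1466.20037"  # startTLS extended operation OID
LINE = re.compile(r'^\[[^\]]*\]\s+conn=(\d+)\s+(.*)$')

# Constructed sample lines (layout assumed, addresses from the documentation range).
SAMPLE_LOG = """\
[30/Nov/2006:10:00:01 -0700] conn=5 fd=64 slot=64 connection from 192.0.2.10 to 192.0.2.1
[30/Nov/2006:10:00:01 -0700] conn=5 op=0 EXT oid="1.3.6.1.4.1.1466.20037" name="startTLS"
[30/Nov/2006:10:00:01 -0700] conn=5 op=0 RESULT err=0 tag=120 nentries=0 etime=0
[30/Nov/2006:10:00:01 -0700] conn=5 SSL 256-bit AES
[30/Nov/2006:10:00:02 -0700] conn=5 op=1 BIND dn="uid=jdoe,dc=example,dc=com" method=128 version=3
[30/Nov/2006:10:00:03 -0700] conn=6 fd=65 slot=65 connection from 192.0.2.11 to 192.0.2.1
[30/Nov/2006:10:00:03 -0700] conn=6 op=0 BIND dn="uid=jdoe,dc=example,dc=com" method=128 version=3
[30/Nov/2006:10:00:04 -0700] conn=7 fd=66 slot=66 SSL connection from 192.0.2.12 to 192.0.2.1
[30/Nov/2006:10:00:04 -0700] conn=7 SSL 256-bit AES
[30/Nov/2006:10:00:04 -0700] conn=7 op=0 BIND dn="uid=jdoe,dc=example,dc=com" method=128 version=3
[30/Nov/2006:10:00:05 -0700] conn=8 fd=67 slot=67 connection from 192.0.2.13 to 192.0.2.1
[30/Nov/2006:10:00:05 -0700] conn=8 op=0 EXT oid="1.3.6.1.4.1.1466.20037" name="startTLS"
[30/Nov/2006:10:00:05 -0700] conn=8 op=0 RESULT err=1 tag=120 nentries=0 etime=0
[30/Nov/2006:10:00:06 -0700] conn=8 op=1 BIND dn="uid=jdoe,dc=example,dc=com" method=128 version=3
"""

def bind_transport(log_text):
    """Map each connection id to the transport in effect at its first BIND."""
    state, pending, at_bind = {}, {}, {}
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        conn, rest = int(m.group(1)), m.group(2)
        if "connection from" in rest:
            # Connections accepted on the secure port are assumed to be logged as "SSL connection from".
            state[conn] = "ldaps" if "SSL connection from" in rest else "cleartext"
            continue
        op = re.match(r'op=(\d+)\s+(\w+)(.*)', rest)
        if not op:
            continue  # e.g. the cipher line "conn=5 SSL 256-bit AES"
        opnum, verb, args = op.groups()
        if verb == "EXT" and f'oid="{STARTTLS_OID}"' in args:
            pending[conn] = opnum  # startTLS requested, wait for its RESULT
        elif verb == "RESULT" and pending.get(conn) == opnum:
            del pending[conn]
            if re.search(r'\berr=0\b', args):  # only a successful startTLS upgrades the connection
                state[conn] = "starttls"
        elif verb == "BIND":
            at_bind.setdefault(conn, state.get(conn, "cleartext"))
    return at_bind

if __name__ == "__main__":
    print(bind_transport(SAMPLE_LOG))
```

Connection 8 shows the case worth watching for: a startTLS request that fails, followed by a bind on the same connection, still counts as cleartext.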

