directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pierre-Arnaud Marcelot ...@marcelot.net>
Subject Re: [ApacheDS] Enablement of LDAPS (SSL) Service in ApacheDS 2.0 configuration
Date Mon, 22 Nov 2010 16:19:58 GMT
Yeah, the transport must be there, but more importantly, it must be enabled.

I'm wondering if the lack of certificate in the configuration does not currently trigger auto-generation
of a self-signed certificate in the current implementation.

Any idea, guys?

Regards,
Pierre-Arnaud

On 22 nov. 2010, at 16:49, Hammond, Steven wrote:

> As long as both the transport and the certificate are available.  Just having the transport,
still cannot do LDAPS without a certificate.  Maybe it is always there now, but it was not
in 1.5.3.
> 
> From: Emmanuel Lecharny [mailto:elecharny@gmail.com] Sent: Monday, November 22, 2010
7:55 AM
> 
> On 11/22/10 3:37 PM, Pierre-Arnaud Marcelot wrote:
>> Hi Emmanuel,
>> 
>> On 22 nov. 2010, at 15:31, Emmanuel Lecharny wrote:
>> 
>>>> WDYT ?
>>> IMO, if the SSL transport is present, then LDAPS should be enabled. No need for
an extra flag.
>> I agree with this (transport being present and enabled).
>> 
>> But I propose we make this a consistent behavior all across the servers
>> In that case, how about removing the 'ads-enable' attribute from the servers entries
and look for the value in the transport ?
> +1, if everybody agree, of course.
> 
> 
> -- 
> Regards,
> Cordialement,
> Emmanuel L├ęcharny
> www.iktek.com
> 


Mime
View raw message