directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kiran Ayyagari <kayyag...@apache.org>
Subject Re: [ApacheDS] Enablement of LDAPS (SSL) Service in ApacheDS 2.0 configuration
Date Mon, 22 Nov 2010 16:22:13 GMT
On Mon, Nov 22, 2010 at 6:19 PM, Pierre-Arnaud Marcelot <pa@marcelot.net> wrote:
> Yeah, the transport must be there, but more importantly, it must be enabled.
>
> I'm wondering if the lack of certificate in the configuration does not currently trigger
auto-generation of a self-signed certificate in the current implementation.
>
> Any idea, guys?
it gets generated automatically
>
> Regards,
> Pierre-Arnaud
>
> On 22 nov. 2010, at 16:49, Hammond, Steven wrote:
>
>> As long as both the transport and the certificate are available.  Just having the
transport, still cannot do LDAPS without a certificate.  Maybe it is always there now, but
it was not in 1.5.3.
>>
>> From: Emmanuel Lecharny [mailto:elecharny@gmail.com] Sent: Monday, November 22, 2010
7:55 AM
>>
>> On 11/22/10 3:37 PM, Pierre-Arnaud Marcelot wrote:
>>> Hi Emmanuel,
>>>
>>> On 22 nov. 2010, at 15:31, Emmanuel Lecharny wrote:
>>>
>>>>> WDYT ?
>>>> IMO, if the SSL transport is present, then LDAPS should be enabled. No need
for an extra flag.
>>> I agree with this (transport being present and enabled).
>>>
>>> But I propose we make this a consistent behavior all across the servers
>>> In that case, how about removing the 'ads-enable' attribute from the servers
entries and look for the value in the transport ?
>> +1, if everybody agree, of course.
>>
>>
>> --
>> Regards,
>> Cordialement,
>> Emmanuel Lécharny
>> www.iktek.com
>>
>
>



-- 
Kiran Ayyagari

Mime
View raw message