8 Dec
2009
8 Dec
'09
6:44 a.m.
Am Dienstag 08 Dezember 2009 13:50:21 schrieb Hallvard B Furuseth:
hyc@OpenLDAP.org writes:
ITS#6419 also init for ldaps:// URIs
Does it work for ldapi:// as well? (And should it?) I seem to remember StartTLS does work for ldapi, though I don't know what a sensible host name in the server cert would be in that case.
If StartTLS works for ldapi:// (I never tried it). The ITS#6419 should work in the ldapi:// case as a "start_tls=critical|yes" would need to be present in the bindconf. That will trigger tls initialization as well. Have a look at the previous config.c commit (1.509) for details.
--
Ralf