Quanah Gibson-Mount quanah@zimbra.com schrieb am 16.07.2013 um 18:08 in
Nachricht <7D4A20353DA988409253CCDE@[192.168.1.22]>:
--On Tuesday, July 16, 2013 8:17 AM +0200 Ulrich Windl Ulrich.Windl@rz.uni-regensburg.de wrote:
Hi!
I have some questions on TLS support in OpenLDAP:
- How can I find out which cipher suite had been configured (when using
the distribution-supplied version)? From ldd I guess my slapd is using libopenssl0_9_8.
If specific cipher suites have been configured, it would be in the slapd configuration. Otherwise, they'll be negotiated.
The question was: (How) can (if at all) I find out what cipher suite was compiled (linked with) into slapd?
- Is the restriction ("This directive is not supported when using
GnuTLS.") on TLSCACertificatePath and GunTLS still effective? I'd like to use it, but I'm unsure what the cipher suite is.
Why would you want to use an inferior and insecure TLS implementation?
I don't want to use GnuTLS; I wonder whether I can safely use the more flexible TLSCACertificatePath instead of a CA bundle file.
--Quanah
--
Quanah Gibson-Mount Lead Engineer Zimbra, Inc
Zimbra :: the leader in open source messaging and collaboration