Jerry wrote:
On Thu, 10 Mar 2016 10:47:51 -0800, Quanah Gibson-Mount stated:
--On Thursday, March 10, 2016 1:05 PM -0500 Jerry jerry@seibercom.net wrote:
I just started creating a new server with FreeBSD 11. I installed the openldap port. Now I am trying to figure out how to get sasl2 up and running. Openldap is running fine now without it, but I want to secure it further. Can anyone suggest a good "How to" on how to accomplish this on a FreeBSD OS (if that makes any difference). Examples are welcomed :)
What is it you want to do, exactly?
Right now, it is my understanding that everything passes through in clear text. I wanted to enforce TLS. Maybe it is not a big deal. I have been reading where it is suppose to be a good idea.
TLS and SASL are different things. You don't need SASL for TLS encrypted data channel. Unless you want to use SASL/EXTERNAL with TLS client certs of course.
Ciao, Michael.