2 Oct
2020
2 Oct
'20
10:27 p.m.
Quanah Gibson-Mount wrote:
--On Saturday, October 3, 2020 12:36 AM +0000 Siddharth Jain siddjain@live.com wrote:
But ldapsearch throws an error:
$ ldapsearch -d 1 -x -H ldaps://ldap.foo.com:636 ... -ZZ
This is not valid.
Either you:
(a) use ldap:// with -ZZ (startTLS)
OR
(b) use ldaps://
Both will result in a TLS secured connection if successful
But you absolutely CANNOT combine startTLS + ldaps://
Also, TLS_CERT/TLS_KEY are user-only directives. Re-read the ldap.conf(5) manpage.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/