Hi,
* Quanah Gibson-Mount quanah@symas.com [20180906 14:36]:
--On Thursday, September 06, 2018 1:40 PM -0400 Jean-Francois Malouin Jean-Francois.Malouin@bic.mni.mcgill.ca wrote:
I guess I need to modify either 'olcSecurity: tls=1' in the database config or add/insert the proper value for 'olcLocalSSF=' in the cn=config. What value should I use in order to still force StartTLS over simple binding and allow read/write/modify local access on the ldapi:/// listener.
Hello,
Just set:
olcSecurity: ssf=1
that will allow either to work as *some* SSF level is then required.
As long as you have tls=X, then it will always require TLS, regardless of what the LocalSSF setting is configured to be.
Thank you for the pointer!
jf
--Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com