Re: OpenLDAP with ssl client certs

1 Nov 2013


      Brent Bice wrote:
...
 I was recently asked if we could use ssl client certs as a 2nd form

of authentication with OpenLDAP and didn't know for sure.  Is it
possible to have OpenLDAP require both a DN/password pair *and* a client
ssl cert?
You can make the server require a client cert, but it won't use the 
certificate identity for anything unless you Bind with SASL/EXTERNAL.
http://www.openldap.org/doc/admin24/sasl.html#EXTERNAL
And naturally, if you're using SASL, then the DN/password pair is ignored.
-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

Re: OpenLDAP with ssl client certs