"Dieter Kluenter" dieter@dkluenter.de writes:
Gunnar Frenzel Gunnar_Frenzel@web.de writes:
Hello,
I've configured openldap (v2.4.16 on FreeBSD 7.2) to listen on ldaps (with self signed certificate) as well as ldapi.
[...]
security ssf=128
[...]
Connecting to ldaps (port 636) with clients such as Thunderbird, Apache Directory Studio works fine. But when I try to connect via ldapi (port 389) from a webmail tool on the same server I always get the error "Confidentiality required" from openldap. I want to connect to ldapi (as it is local on the server) without TLS or other encryption but openldap doesn't seem to allow that in my configuration. I tried localSSF set to 0 which doesn't make any difference...
The hard coded ssf for ldapi is 71, so you have to reduce security ssf.
the default ssf for ldapi can be modified by adding localSSF <ssf> to slapd.conf(5).
-Dieter