My product is a security product and hence I would like to stick to 2.4.44 or a version provided by buster i.e., 2.4.47.
May be 2.4.47 is a better option. What do you think?
On Tue, 11 Aug 2020 at 11:57 PM, Quanah Gibson-Mount quanah@symas.com wrote:
--On Wednesday, August 12, 2020 12:43 AM +0530 Shaheena Kazi shaheena.kazi@gmail.com wrote:
Hi Team,
I wanted to know if TLSv1.3 is supported on openldap 2.4.44. openssl packge which I would be using is - openssl-1.1.1d.tar.bz2 to compile openldap.
If you are building OpenLDAP yourself, you should use the most current release, not one that's over four years old.
Build OpenLDAP 2.4.50, and it has TLS 1.3 support as long as the SSL library does.
Regards, Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
--On Wednesday, August 12, 2020 1:03 AM +0530 Shaheena Kazi shaheena.kazi@gmail.com wrote:
My product is a security product and hence I would like to stick to 2.4.44 or a version provided by buster i.e., 2.4.47.
May be 2.4.47 is a better option. What do you think?
I think if your product takes security seriously, it should use the latest release.
--Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
On 8/11/20 8:33 PM, Shaheena Kazi wrote:
My product is a security product and hence I would like to stick to 2.4.44 or a version provided by buster i.e., 2.4.47.
May be 2.4.47 is a better option. What do you think?
My Æ-DIR is also a security product and exactly for this reason I maintain my own OpenLDAP builds for Debian buser.
Yes, maintenance is work.
Ciao, Michael.
You can find slapd 2.4.50 in buster-backports
https://github.com/peppelinux/ansible-slapd-eduperson2016#debian-10-2447-mem...
Il mar 11 ago 2020, 20:38 Shaheena Kazi shaheena.kazi@gmail.com ha scritto:
My product is a security product and hence I would like to stick to 2.4.44 or a version provided by buster i.e., 2.4.47.
May be 2.4.47 is a better option. What do you think?
On Tue, 11 Aug 2020 at 11:57 PM, Quanah Gibson-Mount quanah@symas.com wrote:
--On Wednesday, August 12, 2020 12:43 AM +0530 Shaheena Kazi shaheena.kazi@gmail.com wrote:
Hi Team,
I wanted to know if TLSv1.3 is supported on openldap 2.4.44. openssl packge which I would be using is - openssl-1.1.1d.tar.bz2 to compile openldap.
If you are building OpenLDAP yourself, you should use the most current release, not one that's over four years old.
Build OpenLDAP 2.4.50, and it has TLS 1.3 support as long as the SSL library does.
Regards, Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
-- Regards, Shaheena K
openldap-technical@openldap.org