Hi!
I've configured slapd to require excryption (confidentiality). Now connections via ldapi:// fail with "13 Confidentiality required". When adding "-ZZ" for ldapsearch (e.g.), the connection fails, because the certificate does not match ldapi:// (I asked about that before, but got no answer). How can I configure slapd not to require confidentiality?
Regards, Ulrich
Ulrich Windl wrote:
I've configured slapd to require excryption (confidentiality).
You did not post relevant configuration details.
Now connections via ldapi:// fail with "13 Confidentiality required". When adding "-ZZ" for ldapsearch (e.g.), the connection fails, because the certificate does not match ldapi:// (I asked about that before, but got no answer). How can I configure slapd not to require confidentiality?
Obviously using TLS over ldapi:// does not make sense.
I have this in my config:
# SSF value for ldapi:// localSSF 256 # minimum required SSF value (security strength factor) security ssf=128
See slapd.conf(5) for details.
Ciao, Michael.
openldap-technical@openldap.org