[Fedora-directory-users] Require SSL/TLS Only Connections
Ulf Weltman
ulf.weltman at hp.com
Wed Nov 23 04:39:21 UTC 2005
Hello Thomas. You can disable the plain LDAP port by setting
nsslapd-port to 0 in dse.ldif. The errors log should say that the
non-secure port is disabled when you start up again. I don't think
there's a way to get the server to require successful start-TLS on the
plain port before accepting any other operations.
Thomas Cramer wrote:
> I would like to require that *only* SSL/TLS connections be allowed to
> my server. This is not to be confused with wanting SSL client
> authentication. I had initially thought I could do this with ACI
> using the authmethod="ssl", however after looking at the documentation
> closely and experimentation this refers to do client based SSL
> authentication as well. I do have SSL/TLS set up correctly, I just
> want to disallow non-encrypted traffic.
>
>
> In OpenLDAP I would merely state "security ssf=128" to require SSL/TLS
> only connections.
>
> Anyone know how to do this in FDS?
>
>
>
> ==
> tc
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
More information about the Fedora-directory-users
mailing list