[Fedora-directory-users] Require SSL/TLS Only Connections
David Boreham
david_list at boreham.org
Wed Nov 23 16:22:08 UTC 2005
>> I would like to require that *only* SSL/TLS connections be allowed to
>> my server. This is not to be confused with wanting SSL client
>> authentication. I had initially thought I could do this with ACI
>> using the authmethod="ssl", however after looking at the
>> documentation closely and experimentation this refers to do client
>> based SSL authentication as well. I do have SSL/TLS set up
>> correctly, I just want to disallow non-encrypted traffic.
>
This is interesting. I swear that we had a 'transport security type' aci
las type.
I remember talking about it as if it existed many times. However, when I
look at the code I see that you are correct : the 'authmethod' thing is
really
looking for SASL_EXTERNAL/SSL authentication, and not SSL used
as transport.
Something for the todo list perhaps would be to add transport type:
encrypted or not and so on.
More information about the Fedora-directory-users
mailing list