I am also using both 2.5 and 2.6, and I get the same results.

TLS options are duplicated in the slapd.conf file.

slapd.conf on proxy server:
[...]
# TLS
TLSCACertificateFile  /etc/openldap/certs/ca-bundle.crt
TLSCertificateFile   /etc/openldap/certs/server.crt
TLSCertificateKeyFile /etc/openldap/certs/server.key
TLSCipherSuite         HIGH
TLSVerifyClient        demand

Database        ldap
suffix          dc=test,dc=com
uri             ldaps://mytest.com:636
idassert-bind
   mode=self
   bindmethod=sasl
   saslmech=EXTERNAL
   tls_cert=/etc/openldap/certs/server.crt
   tls_key=/etc/openldap/certs/server.key
   tls_cacert=/etc/ssl/certs/ca-bundle.crt
   tls_cacertdir=/etc/ssl/certs
   tls_crlcheck=none
   tls_reqcert=allow
[...]

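An added example, not part of the original post: a small Python check over the fragment above that reports which idassert-bind tls_* options repeat the global TLS* directives, where the values differ, and whether tls_reqcert or tls_crlcheck is set to a value that relaxes verification of the back-end server. The function names and the directive-to-option pairing are this example's own assumptions.

```python
# Added example. SAMPLE is the slapd.conf fragment from the post, elisions dropped.
SAMPLE = """\
TLSCACertificateFile  /etc/openldap/certs/ca-bundle.crt
TLSCertificateFile   /etc/openldap/certs/server.crt
TLSCertificateKeyFile /etc/openldap/certs/server.key
TLSCipherSuite         HIGH
TLSVerifyClient        demand
Database        ldap
suffix          dc=test,dc=com
uri             ldaps://mytest.com:636
idassert-bind
   mode=self
   bindmethod=sasl
   saslmech=EXTERNAL
   tls_cert=/etc/openldap/certs/server.crt
   tls_key=/etc/openldap/certs/server.key
   tls_cacert=/etc/ssl/certs/ca-bundle.crt
   tls_cacertdir=/etc/ssl/certs
   tls_crlcheck=none
   tls_reqcert=allow
"""
# Global directive -> idassert-bind option holding the same kind of value (assumed pairing).
PAIRS = {"tlscacertificatefile": "tls_cacert", "tlscertificatefile": "tls_cert",
         "tlscertificatekeyfile": "tls_key"}

def parse(text):
    """Split the fragment into global TLS* directives and idassert-bind options."""
    glob, bind, in_bind = {}, {}, False
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        words = raw.split()
        if not raw[0].isspace():              # a new directive starts in column 0
            in_bind = words[0].lower() == "idassert-bind"
            if words[0].lower().startswith("tls") and len(words) > 1:
                glob[words[0].lower()] = words[1]
            words = words[1:]
        if in_bind:                           # indented lines continue the directive
            bind.update(w.split("=", 1) for w in words if "=" in w)
    return glob, bind

def audit(text):
    """Report repeated TLS settings and relaxed back-end verification options."""
    glob, bind = parse(text)
    out = [f"{b}: {'same as' if glob[g] == bind[b] else 'differs from'} {g}"
           for g, b in PAIRS.items() if g in glob and b in bind]
    relaxed = {"tls_reqcert": ("never", "allow"), "tls_crlcheck": ("none",)}
    out += [f"{k}={bind[k]}: relaxed" for k, v in relaxed.items() if bind.get(k) in v]
    return out
```

Per ldap.conf(5), with tls_reqcert=allow a bad server certificate is ignored and the session proceeds, so the client certificate and key are presented to a back-end whose identity was not enforced.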