I am trying to set up pam_ldap to use TLS to communicate with the FDS, but having lots of problems doing so; it works if I use the unencrypted way but not if I use ldaps (port 636).
I used the instructions at http://directory.fedora.redhat.com/wiki/Howto:PAM
Has anyone gotten PAM to work with TLS?
Thanks
> I am trying to setup pam_ldap to use TLS to communicate with the FDS, but having lots of problems doing so; it works if I use the unencrypted way but not if I use ldaps ( port 636 )
Someone should jump in here and correct me if I'm wrong, but I believe it's normal for TLS connections to happen on the standard LDAP port. You should be able to tell from your logs whether the connection is encrypted or not.
Morris, Patrick wrote:
> > I am trying to setup pam_ldap to use TLS to communicate with the FDS, but having lots of problems doing so; it works if I use the unencrypted way but not if I use ldaps ( port 636 )
> Someone should jump in here and correct me if I'm wrong, but I believe it's normal for TLS connections to happen on the standard LDAP port. You should be able to tell from your logs whether the connection is encrypted or not.
Yes. The LDAP "preferred" way is to use the startTLS extended operation which starts a TLS session on the non-secure port. This will be logged in the access log.
--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users
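Added example, not part of the original thread: one way to check from the access log, as the replies suggest, whether each password bind arrived over StartTLS, over ldaps, or in cleartext. The sample lines are constructed, the record layout (`conn=N op=M ...` records plus a `conn=N SSL <bits>-bit <cipher>` line once the handshake completes) is an assumption about the Directory Server access-log format, and `classify_binds` is a hypothetical helper name.

```python
import re

STARTTLS_OID = "1.3.6.1.4.1.1466.20037"  # StartTLS extended operation (RFC 4511)
CONN = re.compile(r"\] conn=(\d+) (.*)$")
CIPHER = re.compile(r"^(SSL|TLS\S*) \d+-bit ")              # handshake-complete record
BIND = re.compile(r'^op=\d+ BIND dn="([^"]*)" method=128')  # simple (password) bind

# Constructed sample lines; the layout is an assumption about the access-log format.
# conn=11 StartTLS on 389, conn=12 ldaps, conn=13 plain, conn=14 StartTLS that failed.
SAMPLE_LOG = """\
[19/Sep/2006:10:01:02 -0400] conn=11 op=0 EXT oid="1.3.6.1.4.1.1466.20037" name="startTLS"
[19/Sep/2006:10:01:02 -0400] conn=11 op=0 RESULT err=0 tag=120 nentries=0 etime=0
[19/Sep/2006:10:01:02 -0400] conn=11 SSL 256-bit AES
[19/Sep/2006:10:01:03 -0400] conn=11 op=1 BIND dn="uid=alice,ou=People,dc=example,dc=com" method=128 version=3
[19/Sep/2006:10:01:05 -0400] conn=12 SSL 256-bit AES
[19/Sep/2006:10:01:05 -0400] conn=12 op=0 BIND dn="uid=bob,ou=People,dc=example,dc=com" method=128 version=3
[19/Sep/2006:10:01:09 -0400] conn=13 op=0 BIND dn="uid=carol,ou=People,dc=example,dc=com" method=128 version=3
[19/Sep/2006:10:01:11 -0400] conn=14 op=0 EXT oid="1.3.6.1.4.1.1466.20037" name="startTLS"
[19/Sep/2006:10:01:11 -0400] conn=14 op=0 RESULT err=1 tag=120 nentries=0 etime=0
[19/Sep/2006:10:01:12 -0400] conn=14 op=1 BIND dn="uid=dave,ou=People,dc=example,dc=com" method=128 version=3
"""

def classify_binds(log_text):
    """Return [(conn, dn, transport)] for every non-anonymous simple bind."""
    state = {}   # conn id -> {"starttls": bool, "encrypted": bool}
    binds = []
    for line in log_text.splitlines():
        m = CONN.search(line)
        if not m:
            continue
        conn, rest = int(m.group(1)), m.group(2)
        st = state.setdefault(conn, {"starttls": False, "encrypted": False})
        if f'EXT oid="{STARTTLS_OID}"' in rest:
            st["starttls"] = True        # requested only; not yet proof of encryption
        elif CIPHER.match(rest):
            st["encrypted"] = True       # a cipher was negotiated on this connection
        elif (b := BIND.match(rest)) and b.group(1):   # empty dn = anonymous bind
            if not st["encrypted"]:
                transport = "cleartext"  # password crossed the wire unprotected
            else:
                transport = "starttls" if st["starttls"] else "ldaps"
            binds.append((conn, b.group(1), transport))
    return binds

if __name__ == "__main__":
    for conn, dn, transport in classify_binds(SAMPLE_LOG):
        print(f"conn={conn} {transport:9} {dn}")
```

A bind is counted as protected only when the cipher record precedes it on the same connection, so a StartTLS request that fails (conn=14 in the sample) is still reported as cleartext.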