I am trying to connect to OpenLDAP 2.3.43. ... Is it possible to bind to LDAP without SSL?
If I'm not mistaken, OpenLDAP will return error 53 (unwilling to perform) if you attempt to bind over an insecure connection. This is for a simple bind where the credential is provided in the clear. There are other bind mechanisms (e.g. DIGEST-MD5) that do not have this requirement, but there is additional configuration required on the client and server.
I want to make sure it works before I spend the Money on SSL.
I imagine you mean spending money to purchase a certificate signed by a commercial vendor. Note the only thing you're paying for is for the vendor to sign the certificate signing request you provide. There's nothing to prevent you from signing it with your own private key (self-signed) or that of a CA at your institution. While self-signed certs and certs signed by unknown or poorly known CAs may have additional configuration requirements, it's common practice to test with these sorts of certificates.
M -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
