On Thursday 29 June 2006 17:25, Atom Powers wrote: > Buchan Milne wrote: > > On Wednesday 28 June 2006 22:08, [EMAIL PROTECTED] wrote: > >> Hello. > >> > >> I would like to know if it is possible with OpenLDAP to force user to > >> use TLS ? I know that I can create a certificate for each user and > >> configure OpenLDAP to perform checks on client certificates for an > >> incoming TLS session. First, it obliges to generate a certificate for > >> each user, what I do not want to do. Second, it is only if a TLS > >> session is initiated. What happened if the client does not start a TLS > >> session ? > > > > How about just: > > > > security ssf=128 > > Or: security tls=1 What if I want to force TLS except on the loopback interface?
Regards, Thierry.
