22 Jan
2020
22 Jan
'20
9:39 a.m.
On Jan 21, 2020, at 9:14 PM, Byron Jeffery <byronjeffery@cem.org.au> wrote:
Thanks for the add Arran
So something like this in the ldap module config:
server = "ldaps://serverurl"
Yes.
- Also to clarify, is it necessary to specify the ca_file path and set require_cert = 'allow' for self sign certificates if doing LDAPS?
Sure if you want to allow MITM attacks. Otherwise you need some kind of trust anchor. For self-signed, i'd say you provide a copy of the certificate in ca_file, and set require_cert to 'hard'. Not 100% though, never configured it... -Arran