4 Jan
2017
4 Jan
'17
10:20 a.m.
Hi,
Yes, we are using SSL. We're using the standard OpenLDAP package distributed with CentOS 7, which is built against libnss. Obviously I prefer to rebuild as little of the system as possible but I'm open to the idea of rebuilding OpenLDAP against OpenSSL if necessary.
yes, rebuild. gfairly simple process, get openldap source, compile, install (eg into /usr/local) , remove openldap-devel RPM (keep the system openldap for other things...) - then compile FR again but ensure its picking up the openldap installed in /usr/local (use the configure flags)
What problems did you run into?
several things - most based on connections not reestablishing, connections not noted as failed, TLS issues etc. alan