I am trying to set up pam_ldap to use TLS to communicate with the FDS, but having lots of problems doing so; it works if I use the unencrypted way but not if I use ldaps (port 636).

I used the instructions at http://directory.fedora.redhat.com/wiki/Howto:PAM

Has anyone gotten PAM to work with TLS?

Thanks
> I am trying to setup pam_ldap to use TLS to communicate with
> the FDS, but having lots of problems doing so; it works if I
> use the unencrypted way but not if I use ldaps ( port 636 )

Someone should jump in here and correct me if I'm wrong, but I believe it's normal for TLS connections to happen on the standard LDAP port. You should be able to tell from your logs whether the connection is encrypted or not.
Richard Megginson
2006-Nov-30 18:08 UTC
Re: [Fedora-directory-users] pam_ldap with SSL/TLS
Morris, Patrick wrote:
>> I am trying to setup pam_ldap to use TLS to communicate with
>> the FDS, but having lots of problems doing so; it works if I
>> use the unencrypted way but not if I use ldaps ( port 636 )
>
> Someone should jump in here and correct me if I'm wrong, but I believe
> it's normal for TLS connections to happen on the standard LDAP port.
> You should be able to tell from your logs whether the connection is
> encrypted or not.

Yes. The LDAP "preferred" way is to use the startTLS extended operation, which starts a TLS session on the non-secure port. This will be logged in the access log.
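The log check both replies point to, as an added example that is not part of the original thread: it classifies each connection in an access log as plain, StartTLS or ldaps and flags simple binds sent before any TLS session was up. The sample log lines are constructed, and their field layout is an assumption modelled on the Directory Server access log, so adjust the patterns to what your server actually writes.

```python
import re

STARTTLS_OID = "1.3.6.1.4.1.1466.20037"  # StartTLS extended operation OID

# Constructed sample lines; the field layout is an assumption modelled on
# the Directory Server access log and may differ between versions.
SAMPLE_LOG = """\
[30/Nov/2006:10:00:01 -0800] conn=1 fd=64 slot=64 connection from 10.0.0.5 to 10.0.0.1
[30/Nov/2006:10:00:01 -0800] conn=1 op=0 EXT oid="1.3.6.1.4.1.1466.20037"
[30/Nov/2006:10:00:01 -0800] conn=1 op=0 RESULT err=0 tag=120 nentries=0 etime=0
[30/Nov/2006:10:00:01 -0800] conn=1 SSL 256-bit AES
[30/Nov/2006:10:00:02 -0800] conn=1 op=1 BIND dn="uid=alice,dc=example,dc=com" method=128 version=3
[30/Nov/2006:10:00:05 -0800] conn=2 fd=65 slot=65 SSL connection from 10.0.0.6 to 10.0.0.1
[30/Nov/2006:10:00:05 -0800] conn=2 SSL 256-bit AES
[30/Nov/2006:10:00:05 -0800] conn=2 op=0 BIND dn="uid=bob,dc=example,dc=com" method=128 version=3
[30/Nov/2006:10:00:09 -0800] conn=3 fd=66 slot=66 connection from 10.0.0.7 to 10.0.0.1
[30/Nov/2006:10:00:09 -0800] conn=3 op=0 BIND dn="uid=carol,dc=example,dc=com" method=128 version=3
"""

CONN_RE = re.compile(r"conn=(\d+) (.*)")

def classify(log_text):
    """Map conn id -> {'transport': plain|starttls|ldaps, 'cleartext_bind': bool}."""
    conns, tls_up, asked = {}, set(), set()
    for line in log_text.splitlines():
        m = CONN_RE.search(line)
        if not m:
            continue
        cid, rest = int(m.group(1)), m.group(2)
        info = conns.setdefault(cid, {"transport": "plain", "cleartext_bind": False})
        if "SSL connection from" in rest:        # TLS from the first byte (port 636)
            info["transport"] = "ldaps"
        elif " EXT " in rest and STARTTLS_OID in rest:
            asked.add(cid)                       # client requested StartTLS
        elif re.match(r"SSL \d+-bit", rest):     # handshake finished, cipher logged
            tls_up.add(cid)
            if cid in asked:
                info["transport"] = "starttls"
        elif " BIND " in rest and "method=128" in rest and cid not in tls_up:
            info["cleartext_bind"] = True        # simple bind sent before any TLS
    return conns

def cleartext_binds(log_text):
    """Connection ids whose simple bind crossed the wire unencrypted."""
    return sorted(c for c, i in classify(log_text).items() if i["cleartext_bind"])

if __name__ == "__main__":
    for cid, info in sorted(classify(SAMPLE_LOG).items()):
        print(cid, info)
```

A pam_ldap client that is meant to use StartTLS but shows up with `cleartext_bind` set is sending its bind password over the non-secure port without encryption.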